home

pokersetup_62deda.exe

Playtech Software Installer

Playtech Software Limited

This is a setup and installation application. This is the uninstaller utility registered in the Windows Control Panel for the program Coral Poker. The file has been seen being downloaded from banner.coral.co.uk and multiple other hosts.
Publisher:
Playtech  (signed by Playtech Software Limited)

Product:
Playtech Software Installer

Description:
Coral Poker

Version:
11.2.38.0

MD5:
965d3c86ee71a0073593c30741c261c6

SHA-1:
9e9f0b13cab4cc2ff34a531be7ec808034c4f905

SHA-256:
cf307b23881efaecabead91d7c920b869a72de14963b0cbf8cf8fd23fd1bcccb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 5:40:30 AM UTC  (today)

File size:
205.3 KB (210,232 bytes)

Product version:
11.2.38.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\pokersetup_62deda.exe

Digital Signature
Signed by:
Playtech Software Limited

Authority:
VeriSign, Inc.

Valid from:
10/22/2012 2:00:00 AM

Valid to:
10/27/2015 12:59:59 AM

Subject:
CN=Playtech Software Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Playtech Software Limited, L=Douglas, S=Douglas, C=IM

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7584CAA2377ED24D26D91034E6DE0EBB

File PE Metadata
Compilation timestamp:
12/13/2012 3:21:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:qjvW/yjqTTO+USXSL5WquIed8jhbHjjfnnxEoJ7EcC9oVf:qjQBTTO+USClWquIed81HjjPxEoOjiVf

Entry address:
0x1000

Entry point:
B8, D0, B3, 51, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 6F, 09, A0, BE, C1, CE, D2, B7, 25, 23, 96, AC, C2, 69, 7B, 59, 1D, FC, 83, E1, 6C, B8, CB, 8C, 64, 75, 6C, F6, 16, AF, D7, 70, 60, A7, 2D, 00, 97, AB, 02, A6, 55, 38, CC, CF, 3D, 74, 80, C9, 5A, AE, 4C, D9, 50, 88, BF, 6E, C9, BA, 37, A2, E4, 41, B7, D2, D4, 24, DB, A4, ED, B7, 0C, 67, A0, C1, 0D, 98, BC, 23, CF, 20, F1, 43, 75, 4D, 74, D5, E2, B0, 6B, 97, C2, 03, 44...
 
[+]

Packer / compiler:
PECompact v2

Code size:
335.5 KB (343,552 bytes)

Program Uninstaller
Program name:
Coral Poker

Uninstall string:
"C:\Poker\Coral Poker\_PokerSetup_62deda.exe" /uninstall


The file pokersetup_62deda.exe has been seen being distributed by the following 13 URLs.

http://banner.coral.co.uk/installer/.../PokerSetup_828fa3.exe

http://go.redirectingat.com/?id=53483X1292820&xs=1&url=http://affiliate.coral.co.uk/.../clickthrgh.asp?btag=a_12017b_5775&xcust=213_de_49429x80xss12

http://pt.pokerstrategy.com/coral-poker/link/.../

http://banner.coral.co.uk/installer/.../PokerSetup_31466b.exe

http://ru.pokerstrategy.com/coral-poker/link/download/.../

http://banner.coral.co.uk/installer/.../PokerSetup_fe2ae8.exe

http://banner.coral.co.uk/installer/.../PokerSetup_7b3d0f.exe

http://banner.coral.co.uk/.../redir.cgi?id=N&member=incomeaccess&profile=1stratbrd1&creferer=BTAG:a_9188b_4505c_

http://affiliate.coral.co.uk/.../clickthrgh.asp?btag=a_9188b_4505

http://banner.coral.co.uk/installer/.../PokerSetup_90fae9.exe

http://banner.coral.co.uk/installer/.../PokerSetup_8cd9b3.exe

http://banner.coral.co.uk/.../SetupPoker.exe

http://www.pokerstrategy.com/coral-poker/link/download/.../

Scan pokersetup_62deda.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.