ptu173_tmp.exe

Playtech Software Installer

Playtech Software Limited

This is a setup and installation application: the uninstaller utility registered in the Windows Control Panel for the program Poker 770. The file has been seen being downloaded from it.pokerstrategy.com and multiple other hosts.

Publisher:
Playtech (signed by Playtech Software Limited)

Product:
Playtech Software Installer

Description:
Poker 770

Version:
11.2.38.0

MD5:
24f1a5cd1a629ebad64b240dc82a6101

SHA-1:
b44b4995a154028a44c90785faa2ae80d7f128fd

SHA-256:
ee16a687c11768203de77428d43ed851a8b21660f2e5fd842d568d344a87d71f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 5:34:01 AM UTC

File size:
557.3 KB (570,680 bytes)

Product version:
11.2.38.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\Local settings\temp\ptu173_tmp.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/22/2012 7:00:00 AM

Valid to:
10/27/2015 6:59:59 AM

Subject:
CN=Playtech Software Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Playtech Software Limited, L=Douglas, S=Douglas, C=IM

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7584CAA2377ED24D26D91034E6DE0EBB

File PE Metadata
Compilation timestamp:
12/13/2012 9:21:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:MjQBTTO+USClWquIed81HjjPFzwlHf7Y1MDHGJPDKbRaKHCfoVcdv:gQBTSw4vHfw/7YAa0RaKLidv

Entry address:
0x348BC

Entry point:
B8, 50, 42, 66, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 02, 11, 16, 9A, 72, 04, B4, F5, 2D, 16, 30, 8F, 32, 58, EA, 6B, 70, 98, 6F, EF, 50, F7, 14, 3F, 81, 87, C9, DF, 9A, CD, CC, 1C, BD, C5, CD, F8, C5, EB, 2D, C2, 22, 85, 37, 4E, DE, 3C, AA, 75, 9E, 9D, F8, 79, 6B, 4B, 78, A5, 32, ED, 63, E1, BA, 60, 54, 55, 28, 0C, D2, DD, 1D, 31, 45, 03, B3, FA, E3, D4, 49, CD, B1, CD, 6E, 7A, 25, 26, 0E, A4, 0A, AF, BA, 5D, 79, D6, 15...
 

Entropy:
7.7067

Packer / compiler:
PECompact v2

Code size:
335.5 KB (343,552 bytes)

Program Uninstaller
Program name:
Poker 770

Uninstall string:
"C:\Poker\Poker 770\_SetupPoker_e9343b.exe" /uninstall


The file ptu173_tmp.exe has been seen being distributed by the following 12 URLs.
