» r.g._mechanics_assassins_creed_unity-5122-torrent.exe
Overview
Analysis
File Details

r.g._mechanics_assassins_creed_unity-5122-torrent.exe

InstallShield

INTIS

The application r.g._mechanics_assassins_creed_unity-5122-torrent.exe by INTIS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the InstallShield Setup installer.

File name:

Publisher:

Macrovision Corporation (signed by INTIS)

Product:

InstallShield

Version:

12.0.49974

MD5:

9b6bc02e492b478400a0a8e8a74e155b

SHA-1:

08b6f89a1a32900fcb8bbf7383a7e724fdb44226

SHA-256:

d95d02e06ed69c94e7b8682f940f75e82c76d65943d37920c34fd2d0b7cd25f8

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/7/2025 8:22:41 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.FileTour (M)

17.3.8.14

File size:

2.6 MB (2,730,840 bytes)

Product version:

12.0

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Installer:

InstallShield Setup

Language:

English (United States)

Common path:

C:\users\{user}\downloads\r.g._mechanics_assassins_creed_unity-5122-torrent.exe

Digital Signature

Signed by:

INTIS

Authority:

COMODO CA Limited

Valid from:

4/15/2016 5:00:00 PM

Valid to:

4/16/2017 4:59:59 PM

Subject:

CN=INTIS, O=INTIS, STREET="Prospekt 40-letija Pobedy, 69, 1, 8", L=Rostov-Na-Donu, S=RU, PostalCode=344072, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E0D42565A341BEBE1BAFBF6CA79F6420

File PE Metadata

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x75CC00

Entry point:

E8, B4, FF, FF, FF, E8, AF, FF, FF, FF, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, FC, 33, D2, 64, 8B, 52, 30, 8B, 52, 0C, 8B, 52, 14, 8B, 72, 28, 6A, 18, 59, 33, FF, 33, C0, AC, 3C, 61, 7C, 02, 2C, 20, C1, CF, 0D, 03, F8, E2, F0, 81, FF, 5B, BC, 4A, 6A, 8B, 5A, 10, 8B, 12, 75, DB, C3, 55, 8B, EC, 56, 57, 53, 8B, 75, 08, 66, 81, 3E, 4D, 5A, 75, 61, 03, 76, 3C, 66, 81, 3E, 50, 45, 75, 57, 8B, 7D, 0C... 
[+]

Entropy:

7.9454

Packer / compiler:

Stranik 1.3 Modula/C/Pascal

Code size:

2.5 MB (2,608,128 bytes)

Remove r.g._mechanics_assassins_creed_unity-5122-torrent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.