rising world free download pc game.exe

saFe cLiCK lOL

This is the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application rising world free download pc game.exe by saFe cLiCK lOL has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the OutBrowse Revenyou installer. The file has been seen being downloaded from get.down1209group.info.
Publisher:
HQQAS  (signed by saFe cLiCK lOL)

Product:
HQQAS

Version:
564.15531.1387.3550

MD5:
8e84b4a6953e77e1d9b76bfee922ad83

SHA-1:
0d766a0f37597c73c0cf7b9438f6802db360fd13

SHA-256:
330f23e13740615d82148d8ce7de61766fbb6de0a21b8875795386ed921f2c27

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 5:57:05 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Outbrowse (M)
16.8.8.18

File size:
744.3 KB (762,128 bytes)

Product version:
564.15531.1387.3550

Copyright:
HQQAS

Trademarks:
HQQAS

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Common path:
C:\users\{user}\downloads\rising world free download pc game.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
5/28/2015 2:00:00 AM

Valid to:
1/28/2016 12:59:59 AM

Subject:
CN=saFe cLiCK lOL, O=saFe cLiCK lOL, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1D35B931645F649089CF2B35F1F31828

File PE Metadata
Compilation timestamp:
12/5/2009 11:52:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:VIg93B3dAHiJC59+cMwOrZ2nyUGFPD4V+jEr6htXhi7gAQFV+1il2fc8vy4hH:VfB3KCc5966XGF7ECK7uDN86I

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, 1C, 45, 00, E8, F1, 2B, 00, 00, A3, 64, 1B, 45, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 37, 43, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, DB, 44, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, A0, 47, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file rising world free download pc game.exe has been seen being distributed by the following URL.

Remove rising world free download pc game.exe - Powered by Reason Core Security