s4client.exe

Project S4

GAMEON Studio Co.Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from elitepvpers.digidip.net.
Publisher:
GAMEON Studio Co.Ltd.  (signed and verified)

Product:
Project S4

Description:
Project S4 Client.exe

Version:
0, 8, 32, 96072

MD5:
de835b2f5cc34a40307bec72ad7502bf

SHA-1:
af74c6cba07678903f679b8f5b6299e79dbb9eca

SHA-256:
1a912a74a845c4163d97c561cde352a03d6b5538e05f69786895710559a77438

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 6:02:10 PM UTC  (today)

File size:
10.5 MB (10,992,400 bytes)

Product version:
0, 8, 32, 96072

Copyright:
Copyright (C) 2007 Pentavision All rights reserved.

Original file name:
Client.exe

File type:
Executable application (Win32 EXE)

Language:
Korean

Digital Signature
Authority:
thawte, Inc.

Valid from:
12/21/2015 5:00:00 PM

Valid to:
2/19/2017 4:59:59 PM

Subject:
CN=GAMEON Studio Co.Ltd., O=GAMEON Studio Co.Ltd., L=Seongnam-si, S=Gyeonggi-do, C=KR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0760555CC3719158DD98AB94B457777D

File PE Metadata
Compilation timestamp:
4/25/2016 4:17:39 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:D3+fWXyPsSzXU3GvwEmQXPbSIQKQhPgrLMUVIruklDS4k04mvDYY:Dp9Szk3GK4m934rBeruktk1oH

Entry address:
0x215B000

Entry point:
51, B9, 06, 00, 00, 00, 85, C9, 74, 28, 01, C8, D3, E0, 05, 45, 45, 53, 04, 50, E8, 00, 00, 00, 00, 83, 04, 24, 16, 8B, 04, 24, 83, C0, 09, C7, 80, CA, FF, FF, FF, 00, 00, 00, 00, FF, E0, 49, EB, D4, 59, E9, CE, 00, 00, 00, 55, 89, E5, 81, EC, 1C, 08, 00, 00, 60, C7, 45, FA, 00, 00, 00, 00, C7, 85, E8, FB, FF, FF, 00, 00, 00, 00, 31, DB, 8B, 85, E8, FB, FF, FF, 40, 89, 85, E8, FB, FF, FF, 81, BD, E8, FB, FF, FF, 00, 04, 00, 00, 74, 18, 8B, 85, EC, FB, FF, FF, 8D, 8D, F0, FB, FF, FF, 88, 04, 0B, FF, 85, EC...
 
[+]

Entropy:
7.9629  (probably packed)

Code size:
16.1 MB (16,871,424 bytes)

The file s4client.exe has been seen being distributed by the following URL.

Scan s4client.exe - Powered by Reason Core Security