saintsrowiv.exe

Saints Row IV

Agora Games, LLC

saintsrowiv.exe runs as a scheduled task under the Windows Task Scheduler. The file has been observed being downloaded from s6003.chomikuj.pl and multiple other hosts.
Publisher:
Koch Media GmbH  (signed by Agora Games, LLC)

Product:
Saints Row IV

Version:
1, 0, 0, 1

MD5:
c29e7a7ae6b035cca67161ae93f99f6f

SHA-1:
7a7d01f158ee8a00b207e0dda22089669e73d868

SHA-256:
572aa899ef94d0dd2c85465010c4c73cec0fe80dbeddc1d24202ddcb101b93c0

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
11/15/2024 2:55:21 PM UTC

Scan engine:
Bkav FE

Detection:
W32.HfsAutoB

Engine version:
1.3.0.4923

File size:
18.4 MB (19,293,184 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2013 by Koch Media GmbH. Developed by Deep Silver Volition, LLC. All rights reserved.

Trademarks:
Koch Media, Deep Silver Volition, LLC. Saints Row, Deep Silver and their respective logos are trademarks of Koch Media GmbH.

Original file name:
SR4.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
Agora Games, LLC

Valid from:
11/5/2010 3:27:57 AM

Valid to:
8/9/2061 3:27:57 AM

Subject:
E=sys@agoragames.com, CN=*.hydra.agoragames.com, OU=Systems Administration, O="Agora Games, LLC", L=Troy, S=New York, C=US

Issuer:
E=sys@agoragames.com, CN=*.hydra.agoragames.com, OU=Systems Administration, O="Agora Games, LLC", L=Troy, S=New York, C=US

Serial number:
00A425025682C97BF6

File PE Metadata
Compilation timestamp:
8/21/2013 11:22:38 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:qSiriIqtSgwO2HhBrH+PdMpOWzicbrXv:qSiriIqsgwO2HhBH+QO5cj

Entry address:
0xBF853E

Entry point:
E8, 19, 77, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 14, 56, 85, C0, 74, 41, 83, 7D, 08, 00, 75, 13, E8, 7A, 26, 00, 00, 6A, 16, 5E, 89, 30, E8, 98, B0, 00, 00, 8B, C6, EB, 2A, 83, 7D, 10, 00, 74, E7, 39, 45, 0C, 73, 0E, E8, 5C, 26, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, DE, 50, FF, 75, 10, FF, 75, 08, E8, CD, B0, FF, FF, 83, C4, 0C, 33, C0, 5E, 5D, C3, 8B, C1, 83, 60, 04, 00, C7, 00, 44, 62, 51, 05, C6, 40, 08, 00, C3, 8B, 41, 04, 85, C0, 75, 05, B8, 4C, 62, 51, 05, C3, 8B, FF, 55, 8B, EC...

Entropy:
6.3629

Code size:
13.9 MB (14,579,712 bytes)

Scheduled Task
Task name:
{E9A90D52-5687-4E35-A946-ED42C4D52781}

Trigger:
Registration (Runs on registration)


The file saintsrowiv.exe has been discovered within the following programs.

Rodina by Elliptic Games
www.elliptic-games.com
About 2% of users remove it

Saints Row IV by Deep Silver
www.saintsrow.com
About 1% of users remove it

Saints Row IV EaSyCrAcK by ScRuU, Inc.
www.gamehunt.co.za
About 1% of users remove it

Publisher's description - “Years after taking Stilwater for their own, the Third Street Saints have evolved from street gang to household brand name, with Saints sneakers, Saints energy drinks and Johnny Gat bobblehead dolls all available at a store near you.”
www.thq.com/us/saintsrowthethird
10% remove it

The file saintsrowiv.exe has been seen being distributed by the following 5 URLs.

http://s6003.chomikuj.pl/File.aspx?e=ZLzaxxtlhmoX-lIQqAWO3gZw62ITRg3gKfoQqlg7_0tJhPrJvpLJoeLVFFbNRuuaH2qoROxHW_j_qNSetbGFCtmaBcieBi98-JFwpiK2w5agVJIJ9GRrdidzR2eqYz1Py15kvdbopquzTyszbSVDdQ&pv=2

http://s6003.chomikuj.pl/File.aspx?e=ZLzaxxtlhmoX-lIQqAWO3utwSta8J3nGDLJV9yFDFEQYfYYiYW9OLqqPoR7lfRQYcEnP6AlER-x0rIpjpfQ_lyfDu4Gygg5hhmZBocM9A9A4RYStLnU9THjWjZ_xcbZ_UqqNLd2_MG2XLgsuOZP7vzqO-U5uECcGS_3hTjHzuMg&pv=2

http://s6003.chomikuj.pl/File.aspx?e=ZLzaxxtlhmoX-lIQqAWO3gZw62ITRg3gKfoQqlg7_0uV5irOQ8WOVqmkdoyu-748qL-UTN0-RjgUqqtrsCRU2jDzgB3Qa-IZXugvHGxynuIl_dVQtG5zem8E5tXDZ5K49LLQHtg2UTCDgqlIaCh8tw&pv=2
