home

setupcasino.exe

Playtech Software Installer

Playtech

This is a setup and installation application. The file has been seen being downloaded from banner.otwin12.com.
Publisher:
Playtech

Product:
Playtech Software Installer

Description:
12Win

Version:
13.2.11.0

MD5:
09f51dcaef429a7329d656a264205294

SHA-1:
8acd337cd44fa72a96c540751eab1268fa70b0d5

SHA-256:
d803796ea27ed72af26e3d3d0c907b7686248b7f9bb4e7e343220e840475b931

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 11:45:10 AM UTC  (today)

File size:
358.1 KB (366,704 bytes)

Product version:
13.2.11.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setupcasino.exe

File PE Metadata
Compilation timestamp:
1/17/2014 6:14:13 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:RCv889gvgQ33+UiKRXuJ1QDLLukTyD3X8fpYnukmcef4aaaaX1hcj2uBJTDabpTu:8v/gg6zhXiQDfHyOpYukmcsoDRuBJTDp

Entry address:
0x3533C

Entry point:
32, D0, 8B, EB, 87, EB, 89, F5, 89, FE, 88, F0, 69, ED, 71, 9E, 0E, 90, 87, CD, C7, C2, A1, FA, 7B, D1, 4B, C7, C0, A0, 36, F8, B3, F3, 56, 85, D6, 59, B3, 05, 1D, 2E, 63, 7F, C8, B4, 4D, F3, 33, F9, 87, C5, C7, C0, C1, F5, 04, 32, 0F, AF, D6, 0F, B7, D0, 45, 8A, E5, 43, F6, C7, 39, F3, 0F, AF, C6, 81, D8, CD, 8F, B7, 87, BF, 36, 2C, AB, FD, E8, 2C, 00, 00, 00, 69, C3, 94, 5F, 8C, 4D, 22, C7, 86, F6, 69, C7, 81, B1, 43, 8B, 0F, B7, FA, BD, 22, CE, D0, 12, 87, CB, 81, C6, 08, 72, 00, 00, 75, 04, 88, DE, 1C...
 
[+]

Entropy:
7.8711  (probably packed)

Code size:
338 KB (346,112 bytes)

The file setupcasino.exe has been seen being distributed by the following URL.

http://banner.otwin12.com/.../SetupCasino.exe

Scan setupcasino.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.