home

setupcasino_1cfcab_de.exe

Playtech Software Installer

Playtech Software Limited

This is a self-extracting archive and installer. This is the uninstaller utility registered in the Windows Control Panel for the program Prestige Casino. The file has been seen being downloaded from serve.prestigecasino.com.
Publisher:
Playtech  (signed by Playtech Software Limited)

Product:
Playtech Software Installer

Description:
Prestige Casino

Version:
13.2.11.0

MD5:
be68774191916aaba61377c12127f3a6

SHA-1:
0c5bdc92b35a8c193fcdbc9e5980060ae7a08785

SHA-256:
999563eb43a7399a8761141b644de626766419df2db3496d7ab7f7543ca99b6f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 4:31:28 PM UTC  (today)

File size:
475.8 KB (487,224 bytes)

Product version:
13.2.11.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Windows\System32\config\systemprofile\downloads\setupcasino_1cfcab_de.exe

Digital Signature
Signed by:
Playtech Software Limited

Subject:
CN=Playtech Software Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Playtech Software Limited, L=Douglas, S=Douglas, C=IM

Serial number:
7584CAA2377ED24D26D91034E6DE0EBB

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
12288:Sv/gg6zhXiQDfGru4NnA7VWmtIaqgPiJfGqTF3g:qggqnDCnqWmtfRPoFg

Entry point:
B8, E4, BC, 67, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, F4, C1, AC, 7F, 43, E4, DA, FB, 65, 2E, 09, A5, 4D, 27, FB, 4C, D1, 35, 57, 93, B2, 11, 8C, 25, 96, 9F, AF, A7, B9, E6, C9, 3F, E3, 7C, 1A, 00, 9D, B0, B4, 95, 65, 11, 64, 74, 8F, 42, 56, 5B, 78, 46, 4D, B9, E8, 04, ED, A9, 95, 45, F8, 95, 24, C4, F8, 96, 32, AA, CB, 64, B9, 72, 4C, A1, FB, 0E, 07, 39, 71, C7, 54, 4D, 0B, 94, 5F, 93, A1, C5, AC, 92, FA, 5C, F9, EC, 46...
 
[+]

Packer / compiler:
PECompact v2

Program Uninstaller
Program name:
Prestige Casino

Uninstall string:
"C:\Casino\Prestige Casino\_SetupCasino_1cfcab_de.exe" /uninstall


The file setupcasino_1cfcab_de.exe has been seen being distributed by the following URL.

http://serve.prestigecasino.com/promoRedirect?internal&default_zone=1476859745&lp=1477442115&opt_lang=sv&var4=doc_HP_Download&var7=noSteps-sv

Scan setupcasino_1cfcab_de.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.