home

setupcasino_2f1576.exe

Playtech Software Installer

PLAYTECH LIMITED

This is a self-extracting archive and installer. This is the uninstaller utility registered in the Windows Control Panel for the program BetMost Poker. The file has been seen being downloaded from www.pokerinside.com and multiple other hosts.
Publisher:
Playtech  (signed by PLAYTECH LIMITED)

Product:
Playtech Software Installer

Description:
BetMost Poker

Version:
9.4.20.0

MD5:
bc51d78beedc5bb82a398449efcf009f

SHA-1:
f96d78e61b04dda5960f9beaece73c8263ce9458

SHA-256:
d97c025457c2fff9ee0c095b07fa5d51c2174f1433556d91f72adfe13645d642

Scanner detections:
1 / 68

Status:
Inconclusive  (probably just a false positive detection)

Analysis date:
11/15/2024 4:44:44 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installer.PLAYTECH
15.3.18.1

File size:
230.8 KB (236,288 bytes)

Product version:
9.4.20.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:
PLAYTECH LIMITED

Authority:
VeriSign, Inc.

Valid from:
3/13/2009 2:00:00 AM

Valid to:
3/13/2012 1:59:59 AM

Subject:
CN=PLAYTECH LIMITED, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=PLAYTECH LIMITED, L=Douglas, S=Isle of Man, C=IM

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
19A52BD0FFBF33D2D2ED2030B214DBA6

File PE Metadata
Compilation timestamp:
9/2/2009 12:54:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
6144:l6ZmkWkr9eZX7RwlH2/8UcR10g26EOmoJnfRQuT:xBS9eZX9w2/8UcH030nfOuT

Entry address:
0x2DDDB

Entry point:
B8, C0, 9E, 4A, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 8C, EA, 1C, 56, 3F, 79, E6, D2, 40, 74, 98, 76, 7E, C4, 0F, 0D, D7, 34, 14, 31, FF, 3B, BA, F1, 20, 6F, 36, 1C, EA, 93, 58, BF, A9, 5C, 69, A9, 9B, 52, 2A, B0, A2, CF, 50, F0, E6, ED, CD, 06, DA, 47, 08, 50, F2, CB, 18, AB, 41, 22, BD, 03, 28, 22, 12, 88, 73, 32, 81, 96, F2, 6B, 2A, 92, 27, 2D, A1, 0B, 81, D7, D2, D9, C8, BE, F3, 7E, D8, 89, CB, B0, 64, 24, 07, FA, 79...
 
[+]

Packer / compiler:
PECompact v2

Code size:
260 KB (266,240 bytes)

Program Uninstaller
Program name:
BetMost Poker

Uninstall string:
"C:\Poker\BetMost Poker\_SetupCasino_a55d3d.exe" /uninstall


The file setupcasino_2f1576.exe has been seen being distributed by the following 3 URLs.

http://www.pokerinside.com/.../betmost-download

http://service.digitalarea23.com/.../SetupCasino.exe

http://www.betmostpoker.com/download.php

Scan setupcasino_2f1576.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.