setuppoker.exe

Playtech Limited

The application setuppoker.exe by Playtech Limited has been detected as a potentially unwanted program by 7 anti-malware scanners.
Publisher:
Playtech Limited  (signed and verified)

MD5:
fe889debccccae5ec37692d7566288fa

SHA-1:
7bde3e3a4b4e4e20bad6282f8fbf6607876968dd

SHA-256:
3c30edb41e30192dec3784a856ed4a3b6b526dbae8bcc0519a278e5a34e2d4b5

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 8:07:26 AM UTC

Scan engine | Detection | Engine version
Clam AntiVirus | Trojan.OnlineGames-1725 | 0.98/170.3
Comodo Security | ApplicUnwnt.Win32.Adware.CasOnline.1 | 5586
Emsisoft Anti-Malware | Riskware.OnlineCasino!IK | 8.15.08.12.11
F-Prot | W32/Casino.D.gen | v6.4.6.1.107
IKARUS anti.virus | not-a-virus:OnlineCasino | t3scan.1.1.84.0
Quick Heal | Trojan.Agent.IRC | 8.15.11.00
Reason Heuristics | PUP.Playtech.Installer (M) | 15.8.12.11

File size:
190.3 KB (194,816 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setuppoker.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/17/2008 8:00:00 PM

Valid to:
4/18/2009 7:59:59 PM

Subject:
CN=Playtech Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Playtech Limited, L=Tortola, S=Not available, C=VG

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0CC633E902A022B96C9E1CB8C01869EA

File PE Metadata
Compilation timestamp:
4/1/2008 7:58:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
3072:AOQ8zvdUbrZmYGJKUkGFXMgXkRKv3a/vAg0W1yegqYYCpnQlJ6f9padpje:AbMUxmYrUkGeWKUq/4gQenYYQ942

Entry address:
0x240D3

Entry point:
B8, A8, C7, 47, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 55, AD, B1, 7C, 38, D4, CF, DB, 1D, D8, B6, 5F, 0D, E4, 79, 2C, 68, A6, 14, BF, 0A, 3B, 9B, D1, BD, 79, C1, CB, B0, 3A, 29, EE, 04, 73, E2, DF, F2, 4B, E4, 52, 69, 59, 6F, B5, 2B, 27, 10, 72, 3E, 7F, A5, DE, 1A, 2C, 12, C2, AB, C3, DA, 53, AF, 96, 93, 63, FA, 9E, A2, 5C, FA, D6, 0E, 42, 3B, 94, 5E, B2, 46, 3D, 3B, BC, 7C, B8, A1, AC, 59, BD, E1, 98, 7D, C6, 94, C1, D8...

Entropy:
7.8295

Packer / compiler:
PECompact v2

Code size:
224 KB (229,376 bytes)
