home

setuppoker.exe

Playtech Software Installer

Playtech Software Limited

This is a self-extracting archive and installer. This is the uninstaller utility registered in the Windows Control Panel for the program Poker at bet365. The file has been seen being downloaded from update.dk.p365update.com.
Publisher:
Playtech  (signed by Playtech Software Limited)

Product:
Playtech Software Installer

Description:
Poker at bet365

Version:
11.2.38.0

MD5:
9647ab6e87c573b225fb263a7ebb9631

SHA-1:
c5397baffd3ec4a9f1eca2becfa715823bd05348

SHA-256:
6e7ffb52bab340b6db776ca3d524afcaf70250691dfc1ce05f5f92b27e988279

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 8:27:25 AM UTC  (today)

File size:
235.8 KB (241,464 bytes)

Product version:
11.2.38.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setuppoker.exe

Digital Signature
Signed by:
Playtech Software Limited

Authority:
VeriSign, Inc.

Valid from:
10/22/2012 2:00:00 AM

Valid to:
10/27/2015 12:59:59 AM

Subject:
CN=Playtech Software Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Playtech Software Limited, L=Douglas, S=Douglas, C=IM

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7584CAA2377ED24D26D91034E6DE0EBB

File PE Metadata
Compilation timestamp:
12/13/2012 3:21:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:AjvW/yjqTTO+USXSL5WquIed8jhbHjjfnnnuej++V7m:AjQBTTO+USClWquIed81HjjPnFLV7m

Entry address:
0x1000

Entry point:
B8, FC, 00, 53, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 6F, 09, A0, BE, C1, CE, D2, B7, 25, 23, 96, AC, C2, 69, 7B, 59, 1D, FC, 83, E1, 6C, B8, CB, 8C, 64, 75, 6C, F6, 16, AF, D7, 70, 60, A7, 2D, 00, 97, AB, 02, A6, 55, 38, CC, CF, 3D, 74, 80, C9, 5A, AE, 4C, D9, 50, 88, BF, 6E, C9, BA, 37, A2, E4, 41, B7, D2, D4, 24, DB, A4, ED, B7, 0C, 67, A0, C1, 0D, 98, BC, 23, CF, 20, F1, 43, 75, 4D, 74, D5, E2, B0, 6B, 97, C2, 03, 44...
 
[+]

Packer / compiler:
PECompact v2

Code size:
335.5 KB (343,552 bytes)

Program Uninstaller
Program name:
Poker at bet365

Uninstall string:
"C:\Poker\Poker at bet365\_SetupPoker.exe" /uninstall


The file setuppoker.exe has been seen being distributed by the following URL.

http://update.dk.p365update.com/.../SetupPoker.exe

Scan setuppoker.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.