» setuppoker_27252d.exe
Overview
Analysis
File Details
Downloads (1)

setuppoker_27252d.exe

Playtech Software Installer

Playtech

This is a self-extracting archive and installer. The file has been seen being downloaded from banner.unibet.fr.

File name:

Publisher:

Playtech

Product:

Playtech Software Installer

Description:

Unibet.fr

Version:

11.2.38.0

MD5:

7f52628277493eeda1b2b7011e849075

SHA-1:

dbaf55f1150a7cf1059ee9b23b265288eabcefe0

SHA-256:

3e8ef2a578fe72294991c6c2bc9724ff69bbfd0c834a618b5e74e0d4193995ee

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

1/10/2025 3:19:39 PM UTC (today)

Scan engine

Detection

Engine version

Vba32 AntiVirus

Downloader.AdLoad

3.12.26.4

File size:

241 KB (246,813 bytes)

Product version:

11.2.38.0

Original file name:

CasinoDownloader2.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\setuppoker_27252d.exe

File PE Metadata

Compilation timestamp:

12/13/2012 3:21:50 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:6jvW/yjqTTO+USXSL5WquIed8jhbHjjfnnz8zZ7nml9tgj:6jQBTTO+USClWquIed81HjjPz8zsvtA

Entry address:

0x348BC

Entry point:

B8, 50, 5A, 53, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 98, 85, C9, A2, 1F, 0C, D2, 1B, BA, 32, 8D, F2, 95, CD, 7E, 9E, D6, DB, 1C, 8F, 3E, 2E, 11, 98, 43, 10, F7, F2, C5, 38, AE, D4, 9B, 0C, 67, FF, 46, 24, 40, F2, F0, FC, 91, A0, 01, 7B, BD, 4D, 9E, F3, D9, E7, CD, 52, E7, A0, 8D, 42, 06, 71, 0B, 84, B4, 20, 8D, 8D, 47, A2, E8, 8C, D3, B6, 35, 50, 31, 12, AD, 92, 6A, 91, 3D, AD, 4A, 7F, D8, 16, AB, C7, AF, 3B, 6B, D7, CA... 
[+]

Packer / compiler:

PECompact v2

Code size:

335.5 KB (343,552 bytes)

The file setuppoker_27252d.exe has been seen being distributed by the following URL.

http://banner.unibet.fr/.../SetupPoker.exe

Scan setuppoker_27252d.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.