» sims2.exe
Overview
Analysis
File Details
Downloads (14)

sims2.exe

This is a setup program which is used to install the application.

File name:

sims2.exe

MD5:

9ad6731aca0e20c7354af3211845f74e

SHA-1:

0e7a2619de7330713563038e5cf58e3ca0f11efc

SHA-256:

55daa8cbb621ea3e1241e4c4c91c1923ed6cac04b27978eb3145c94aef118953

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

12/26/2024 4:02:48 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Dropper-gen [Drp]

2014.9-140807

Qihoo 360 Security

Win32/Trojan.Dropper.c9f

1.0.0.1015

File size:

8.6 MB (8,978,476 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\sims2.exe

File PE Metadata

Compilation timestamp:

5/22/2007 6:59:14 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

196608:1+WngsMo+1SKn/2GjdJiy1LGkDWJmWJLnCeUm7SlNPDlWeuwmkyR:1+lEK/tjP80CNChlZlfPfm

Entry address:

0x1000

Entry point:

E8, 2F, 2B, 00, 00, 50, E8, 3F, 31, 01, 00, 00, 00, 00, 00, 90, 55, 8B, EC, 53, 56, 57, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, D3, FF, 75, 14, 68, E1, 50, 41, 00, 6A, 00, 6A, 00, 8B, C6, 8B, CF, E8, 52, 47, 00, 00, 81, EB, 10, 01, 00, 00, 74, 05, 4B, 74, 14, EB, 57, FF, 75, 14, 6A, 66, 56, E8, 9E, 33, 01, 00, B8, 01, 00, 00, 00, EB, 47, 66, 81, E7, FF, FF, 66, FF, CF, 74, 07, 66, FF, CF, 74, 23, EB, 30, 68, 80, 00, 00, 00, 68, A4, 69, 41, 00, 6A, 65, 56, E8, E4, 32, 01, 00, 6A, 01, 56, E8, BE, 32, 01, 00... 
[+]

Code size:

80 KB (81,920 bytes)

The file sims2.exe has been seen being distributed by the following 14 URLs.

q=http://goo.gl/n3Dmb&redir_token=On87K4-2XDghghCpFOofjhr5Jth8MTQyMDk3MjM2NUAxNDIwODg1OTY1

q=http://goo.gl/n3Dmb&redir_token=ldNfjRR2Ep2a17hATQA9KOLcc3F8MTQzODExNDY1MUAxNDM4MDI4MjUx

q=http://goo.gl/n3Dmb&redir_token=TkgxB0rpDkNLGEwFcXzaJ6Xmzf18MTQzMTk1OTM0NEAxNDMxODcyOTQ0

q=http://goo.gl/n3Dmb&redir_token=Z9WCrQtX5BrsbZ9xNC2OnPZVB0N8MTQzMDY1MzkxMEAxNDMwNTY3NTEw

q=http://goo.gl/n3Dmb&redir_token=jmo9wnhpZepM1NWYKw_VOXhAbFx8MTQwNzAwMzI5MEAxNDA2OTE2ODkw

q=http://goo.gl/n3Dmb&redir_token=6RjXI1jKPM0yFncc6G3OOGx3QZN8MTQzNzQyOTAxN0AxNDM3MzQyNjE3

q=http://goo.gl/n3Dmb&redir_token=lSdQwXd8B1dglRDkd6SXTplSjGV8MTQzNjUyNDI0MkAxNDM2NDM3ODQy

q=http://goo.gl/n3Dmb&redir_token=WX1REVaDxzbhJG0mEnAB5300Hf98MTQ1NjI1MTQ5M0AxNDU2MTY1MDkz

q=http://goo.gl/n3Dmb&redir_token=C0sQ5bNhucsFc33evD5ClRruP5R8MTQyNjQxNTIyOUAxNDI2MzI4ODI5

q=http://goo.gl/n3Dmb

q=http://goo.gl/n3Dmb&redir_token=RDU6v1HGo4Kdw9rqzJfZcCU3ZW58MTQzNTU3MDg0MUAxNDM1NDg0NDQx

http://goo.gl/n3Dmb

q=http://goo.gl/n3Dmb&redir_token=Dn5vazeQoRVayXHjgQvrlRHsnM18MTQ0NzU4Mjk1NkAxNDQ3NDk2NTU2

http://www.pobierz-download.info/sims2.exe

Scan sims2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.