sly cooper- thieves in time.exe

The application sly cooper- thieves in time.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. The file has been seen being downloaded from sagefile.com.
MD5:
d6d758a1f3f3be52d3111a425b7be5f6

SHA-1:
1e24d18fc0ae50e4df458f69447f8fb5571a18ea

SHA-256:
51b6b7dc15dbb21e911843bb4c5a019336d2f80844e07df460c00592f4c1a434

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the Solimba installer to bundle adware offers.

Analysis date:
11/23/2024 11:35:44 AM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.Solimba.Bundler (M)

Engine version:
16.7.24.2

File size:
562 KB (575,536 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\sly cooper- thieves in time.exe

File PE Metadata
Compilation timestamp:
12/4/2014 1:00:46 PM

OS version:
5.1

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:Yb+tijs1TQZrq2QLuBufr8GRSfTp1MFXVibupsrF6+wt:Yb+tJ1TCr1Eucr8P1MFIb0dt

Entry address:
0xD44C

Entry point:
E8, AF, 6C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 00, 60, 42, 00, E8, FE, 15, 00, 00, E8, 80, 6E, 00, 00, 0F, B7, F0, 6A, 02, E8, 42, 6C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 0B, 65, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...

Code size:
111 KB (113,664 bytes)

The file sly cooper- thieves in time.exe has been seen being distributed by the following URL.
