sonic_and_knuckles.exe

GameFabrique

The executable sonic_and_knuckles.exe, “Sonic and Knuckles Setup”, has been detected as malware by 1 anti-virus scanner. The program is a setup application that uses the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from cdn.games4windownloads.com and multiple other hosts.
Publisher:
GameFabrique

Description:
Sonic and Knuckles Setup

MD5:
639e25b0376f399161de7f89b76364c9

SHA-1:
3fbd6ca363014e522548164b84beee8bb4ce1484

SHA-256:
0eaf7db31be3df789828d1ad3b71c337932afaf3ad5c5fcdb06b0dc2107e8678

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/5/2024 9:30:32 AM UTC

Scan engine:
Reason Heuristics

Detection:
(M)

Engine version:
16.6.5.12

File size:
1.8 MB (1,869,822 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\sonic_and_knuckles.exe

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:76dDGtS8Rng3t3Jkc/0atCY5Fw7wsVbv4e:edEzMP6Y5W1Vb1

Entry address:
0x97F0

Entry point:
55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, D6, 98, FF, FF, E8, DD, AA, FF, FF, E8, 00, CD, FF, FF, E8, 47, CD, FF, FF, E8, 3E, F3, FF, FF, E8, A5, F4, FF, FF, 33, C0, 55, 68, 9A, 9E, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 50, 9E, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 5A, FA, FF, FF, 8D, 55, F0, 33, C0, E8, C0, D1, FF, FF, 8B, 55, F0, B8, D4, BD, 40, 00, E8, 87, 99, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D4, BD, 40, 00, B2, 01, B8...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36 KB (36,864 bytes)

The file sonic_and_knuckles.exe has been seen being distributed by the following 9 URLs.

http://cdn.games4windownloads.com/5iD5Mh4de5kjjjyJvPyBe5zfQ06HdpWb_ktm5RcVxaNlq5aNqg2V5pLSsm8A2jwaQ8Pv4btPfCowi7OkHzR8IlswoC 4NzYYUJFiNC0tRfHQVByl32ETFCb18wOnxw_gHwnVEWaOmZhJ xm2nXRQe3vIAv13xVxafB1U AM6PnvFrgQ9E9FWkXr_quXnpAC5B6oqDV72XvYzCu961VsvScXQnjmZkQ==-GzgAAES3eX55nhK6QpRFSBBM5MChRQEe2J4nuHlj3EAL1uw 9PxeskF0tPRhmE66Jp9loQc AA==

http://jeuxvideo.jetelecharge.com/.../gop.php?id=3724

http://sonic-and-knuckles.software.informer.com/.../

http://cdn.games4windownloads.com/aLW5wNcPMdlTcli z8yobvlqi4xi6xDkAozjxijSC7ePvjt kqeHMfdwOERCqbG_s0MU9DzeCrJ98c5yLqXmnpCuXjldhRAXVOQfXAQ4WfJuoFz4ipyxT6XNxIzQmG3x0b11l8Dl_tZUfdGnFswMj9ylHgthtQRjZLcMCQyplG4_sMRZhNRLsExUSGW88QECDZbtKSSs06HMjqxcbAPGv8NgPfTtfKnLPblUT1mxT7gC5QFwvnpZNsv8rqEr TqyrndUUTVB6UNxL5z1_4_akbiXSaozeWHLbxxl uvKH5Tf4KJbf_GQLKzlz5O86jidjUFXxX9SSStT AdlcjxqjBZsq31Ycxi5RW0l1IiC9Ld8y_fwFeayUEnBBNc9OvLBipE4PuiP5gljOBeUXvt k9cTSTAAxSfmGxoT6LGt2n0WhIftzaGWVVer6A8XSvPrxTro6YA7Jif bTZOOkrmWXxszGmJpe2xy74f7JWwiCCsWl 903uvIlM233Lzfv6NoZq Y35KhXX4484Z3gPmmdvASZC0oTk_5Xpi5hgXAd1HXE38vTs=-GzgAAES3eX55nhK6QpRFSBBM5MChRQEe2J4nuHlj3EAL1uw 9PxeskF0tPRhmE66Jp9loQc AA==-e
