sovereign-fayof.exe

Fancy3D Launcher

Hongfeng Hengyu (Beijing) Tech Ltd.

This is a setup program used to install the application. The file has been seen being downloaded from admin-dzz.top1game.com and multiple other hosts.

Publisher:
Hongfeng Hengyu (Beijing) Tech Ltd.  (signed and verified)

Product:
Fancy3D Launcher

Version:
0,16,0216,1513

MD5:
128c4efae5705c130d4cf614bbb92ec5

SHA-1:
9ffb2a2996e20b147fb933a6f6b2aec582a5fded

SHA-256:
4113c2c3d61c67b7cef62c3a2deb03f624664595a64aceb2baff3d2d81608416

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 10:38:22 PM UTC

File size:
2.8 MB (2,979,360 bytes)

Product version:
0,16,0216,1513

Copyright:
Copyright (C) Hongfeng Hengyu 2009 - 2015. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\sovereign-fayof.exe

Digital Signature

Authority:
Symantec Corporation

Valid from:
4/15/2015 8:00:00 AM

Valid to:
5/15/2017 7:59:59 AM

Subject:
CN=Hongfeng Hengyu (Beijing) Tech Ltd., OU=Technical Department, O=Hongfeng Hengyu (Beijing) Tech Ltd., L=Beijing, S=Beijing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
473F8E478165FF553417B8D75AF47788

File PE Metadata

Compilation timestamp:
2/16/2016 3:13:11 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:0/s50PBZxYsDTnEJ9pGFMQLvf/3ndNJMx36juufrVk8z:ADBZxYsa9/ivn7036qufrVk8z

Entry address:
0xB326B

Entry point:
E8, 1D, 76, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 57, 56, E8, FC, 77, 00, 00, 33, FF, 59, 3B, F7, 75, 1D, E8, FB, 17, 00, 00, 57, 57, 57, 57, 57, C7, 00, 16, 00, 00, 00, E8, BA, 77, 00, 00, 83, C4, 14, 83, C8, FF, EB, 34, 39, 7D, 0C, 74, DE, B9, FF, FF, FF, 7F, C7, 45, EC, 49, 00, 00, 00, 89, 75, E8, 89, 75, E0, 89, 4D, E4, 3B, C1, 77, 03, 89, 45, E4, FF, 75, 14, 8D, 45, E0, FF, 75, 10, FF, 75, 0C, 50, FF, 55, 08, 83, C4, 10, 5F, C9, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 8D, 45, 10...
 
Entropy:
7.7181  (probably packed)

Code size:
926.5 KB (948,736 bytes)

The file sovereign-fayof.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 94 download URLs
