home

sphere.exe

GameXP AccessPoint

Fun Factory LLC - ООО ”Фабрика Развлечений”

This is a setup program which is used to install the application. The file has been seen being downloaded from get.gamexp.ru.
Publisher:
NIKITA ONLINE  (signed by Fun Factory LLC - ООО ”Фабрика Развлечений”)

Product:
GameXP AccessPoint

Description:
GameXP Сфера Установка

Version:
1.0.2 (63860)

MD5:
2bb5fc6d9f1ce4e270eeb3f94b2770dd

SHA-1:
e1225bf20af69e0b438dab21f6d9827b8fb213f5

SHA-256:
968f1abef82b543493df8e63432d657783ec62fc9aa1b4dcc6ba6541e9e0c420

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/26/2025 2:06:19 PM UTC  (today)

File size:
590.8 KB (604,992 bytes)

Product version:
160831.12

Copyright:
© 2016-2016 NIKITA ONLINE. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\sphere.exe

Digital Signature
Signed by:
Fun Factory LLC - ООО ”Фабрика Развлечений”

Authority:
StartCom Ltd.

Valid from:
1/19/2016 3:36:57 PM

Valid to:
1/19/2019 3:36:57 PM

Subject:
CN=Fun Factory LLC - ООО ”Фабрика Развлечений”, O=Fun Factory LLC - ООО ”Фабрика Развлечений”, L=Moscow, S=Moscow City, C=RU

Issuer:
CN=StartCom Class 3 Object CA, OU=StartCom Certification Authority, O=StartCom Ltd., C=IL

Serial number:
4E5B6C6B862FF37A3C84D02F4D69059C

File PE Metadata
Compilation timestamp:
8/31/2016 2:17:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x16F2E0

Entry point:
60, BE, 00, 20, 4E, 00, 8D, BE, 00, F0, F1, FF, C7, 87, E4, 92, 12, 00, 59, 4C, 59, 98, 57, EB, 11, 90, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 
[+]

Code size:
568 KB (581,632 bytes)

The file sphere.exe has been seen being distributed by the following URL.

http://get.gamexp.ru/ap/dl/.../Sphere.exe

Scan sphere.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.