the-sims-4-by_xatab-979-torrent.exe

Amulet

The application the-sims-4-by_xatab-979-torrent.exe by Amulet has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from downloader.disk.yandex.ru.
Publisher:
Amulet (signed and verified)

MD5:
a24f4eb7b2979a206e8f267c6a4e01dc

SHA-1:
28c1fc7afd93f52d4bdf299d9d0eff06bd82134f

SHA-256:
7ae939baf8a0d52de7918fa96eaddb3c0a1b01bf1d1a45fe7e4c3e262fbd8f09

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 12:09:13 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.FileTour (M)

Engine version:
17.3.13.5

File size:
1.9 MB (1,994,752 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\the-sims-4-by_xatab-979-torrent.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/18/2015 2:00:00 AM

Valid to:
12/18/2016 1:59:59 AM

Subject:
CN=Amulet, O=Amulet, POBox=127015, STREET="Vyatskaya, 70, pom.1", L=Moscow, S=Moscow state, PostalCode=127015, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B48E86D275ECE7BFC0A62B206428EDAC

File PE Metadata
Compilation timestamp:
6/6/2011 3:17:28 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

Entry address:
0x24F009

Entry point:
6A, FF, 03, 0C, 24, 58, 73, 02, 8B, FF, E9, F7, 23, 00, 00, 2A, D6, F4, B9, C3, 01, 79, 00, 68, F3, FE, AF, 3D, 9C, 81, 6C, 24, 04, 24, F5, 4A, 3D, 9D, C3, 00, 50, 2F, 89, 08, E9, 29, 09, 00, 00, E1, 68, DC, 0B, 65, 00, C3, 07, C4, 22, BA, C1, B0, 2F, 01, 68, 17, 05, 65, 00, C3, A7, 42, 63, 05, AB, 50, E3, FF, 68, FE, F9, 64, 00, 9C, FF, 44, 24, 04, 9D, C3, 2A, FF, E0, EB, 3C, 80, 8B, 54, 24, 0C, E9, 47, 07, 00, 00, D4, 14, A9, 64, FF, 30, E9, 07, 15, 00, 00, CF, 38, 64, FF, 35, 00, 00, 00, 00, 68, 62, F4...
 

Code size:
1.2 MB (1,224,704 bytes)

The file the-sims-4-by_xatab-979-torrent.exe has been seen being distributed by the following URL.

https://downloader.disk.yandex.ru/disk/9e1e219a57e303717fb4c840bf6285df1ed3ea8ba544ca0fc9f300d50a993e8a/574366f2/.../x-msdownload&fsize=1994752&hid=4da585c1023e524240d22a5746a13de8&media_type=executable&tknv=v2&etag=a24f4eb7b2979a206e8f267c6a4e01dc
