the_sims.exe

NOEKDEDOLISEOG

K.S.-GRUPP

The application the_sims.exe by K.S.-GRUPP has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
©Ycydypyut   (signed by K.S.-GRUPP)

Product:
NOEKDEDOLISEOG

Version:
2.4.9.4

MD5:
a58324846d0235913c79afdb5fe560c7

SHA-1:
a47abed3a0b846bb073e4588783a4de629a0f3f4

SHA-256:
4bc69118f9f00309f5df23bd91fade487e89944f26d3988b50a911d6adc304e9

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 10:42:41 PM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.Bundler (M)

Engine version:
17.3.15.12

File size:
5.8 MB (6,031,976 bytes)

Product version:
2.4.9.4

Copyright:
©Ycydypyut

Original file name:
noekdedoliseog.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\cyberlink\power2go8\8.0\temp\the_sims.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/2/2016 2:00:00 AM

Valid to:
12/3/2017 1:59:59 AM

Subject:
CN=K.S.-GRUPP, OU=K.S.-GRUPP, O=K.S.-GRUPP, STREET=Bud 17 V Vul Dotsenka, L=Chernigiv, S=Ukraine, PostalCode=14032, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5B5FA3D866750075EAEBBD10F74E4CFF

File PE Metadata
Compilation timestamp:
8/10/2013 7:32:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1DDC20

Entry point:
55, 8B, EC, 83, EC, 3C, A1, 28, AB, 9B, 00, 89, 45, E0, C7, 45, F4, 00, 00, 00, 00, C7, 45, FC, 51, 09, 00, 00, EB, 09, 8B, 4D, FC, 83, C1, 1E, 89, 4D, FC, 81, 7D, FC, AB, 09, 00, 00, 73, 0D, 0F, B7, 55, F8, 0B, 55, F8, 66, 89, 55, F0, EB, E1, 8B, 45, E4, 89, 45, DC, 81, 7D, DC, AB, 00, 00, 00, 77, 17, 81, 7D, DC, AB, 00, 00, 00, 74, 30, 83, 7D, DC, 18, 74, 3B, 83, 7D, DC, 58, 74, 16, EB, 4B, 81, 7D, DC, 0E, 01, 00, 00, 74, 21, 81, 7D, DC, 3F, 01, 00, 00, 74, 2D, EB, 37, 8B, 4D, D8, 03, 4D, D8, 0B, 4D, E8...
 

Entropy:
4.1130

Developed / compiled with:
Microsoft Visual C++

Code size:
1.9 MB (1,954,816 bytes)
