home

tibiacast_3_1_58.exe

Bettis

AtomPark Software Inc

Publisher:
Stellar Information System Ltd  (signed by AtomPark Software Inc)

Product:
Bettis

Version:
1.00

MD5:
5ce573121bf4ac377e9285149dbf2957

SHA-1:
5f61972da670ebfb7317ac1fbe31ea0f568495cb

SHA-256:
6333a1476954a6fd0f66e8848d5f600ddff72cf3bcbbf2adc970dc89e0e1e7a7

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 5:02:38 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Injector.CUAY trojan
8.0.319.0

Microsoft Security Essentials
Threat.Undefined
1.215.2092.0

File size:
1.3 MB (1,337,512 bytes)

Product version:
1.00

Original file name:
Kumarbhag3.exe

File type:
Executable application (Win32 EXE)

Language:
Catalan (Catalan)

Common path:
C:\users\{user}\downloads\tibiacast_3_1_58.exe

Digital Signature
Signed by:
AtomPark Software Inc

Authority:
COMODO CA Limited

Valid from:
7/23/2015 2:00:00 AM

Valid to:
7/22/2016 1:59:59 AM

Subject:
CN=AtomPark Software Inc, O=AtomPark Software Inc, STREET=901 N Pitt str, STREET=Suite 325, L=Alexandria, S=VA, PostalCode=22314, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009614B25066CEEF978B5B6079B9F0485E

File PE Metadata
Compilation timestamp:
3/8/2016 10:03:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:e2B0dUCuacOohuz3MztU4uEbt4+lr+nOMyy0PTgo2V8xNm:PBQUCQOohswdbPloyydqm

Entry address:
0x104C

Entry point:
68, 84, BD, 52, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, B6, A5, 4A, A1, F1, 4B, E9, 4A, BE, E9, FA, 40, 6C, 9B, AB, E0, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 31, 44, 32, 2D, 41, 39, 53, 75, 74, 68, 65, 72, 6C, 61, 6E, 64, 00, 34, 44, 41, 31, 7D, 00, 00, 00, 00, FF, CC, 31, 00, 01, 9A, 68, C1, 47, 03, 5D, 9B, 4E, B5, 80, CB, B2, C8, 96, 91, E5, 41, 65, B1, AF, 2C, 88, F0, 4C, 85, 35, 77, 3B, 0E, D4, 89, 77, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
1.2 MB (1,302,528 bytes)

Scan tibiacast_3_1_58.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.