tomb.exe

Nancy Drew

Her Interactive

This is a setup program which is used to install the application. This is installed with Nancy Drew: Tomb of the Lost Queen. The file has been seen being downloaded from st12.file.karelia.ru.
Publisher:
Her Interactive  (signed and verified)

Product:
Nancy Drew

Description:
Nancy Drew engine

Version:
8, 0, 0, 30162

MD5:
ea5fcc595bc8181537ff2d6283547f08

SHA-1:
ce0a8264760de3a50daf75e47c67a584b9ef2c52

SHA-256:
e5316c37d9700c6ab745154e862d828fb1ee3096ce731c191beb667c70c6e8a2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 4:16:39 PM UTC  (today)

File size:
1.7 MB (1,808,128 bytes)

Product version:
22, 0, 0, 0

Copyright:
Copyright © 2007

Original file name:
GAME.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\tomb.exe

Digital Signature
Signed by:

Authority:
The USERTRUST Network

Valid from:
7/22/2010 4:00:00 AM

Valid to:
7/22/2012 3:59:59 AM

Subject:
CN=Her Interactive, O=Her Interactive, STREET=1150 114th Ave SE Suite 200, L=Bellevue, S=WA, PostalCode=98004, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00B9428BF2C95BFBB88871AD8E67D13956

File PE Metadata
Compilation timestamp:
3/15/2012 11:45:46 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:WOiuNhwbYBQKzFTVp4a7pY8sU3kzuLrxaTZcX1:WOioesqKztVq2pYAHxaTZcX1

Entry address:
0x511FC

Entry point:
E8, 84, D6, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 88, 4A, 54, 00, E8, CA, 24, 00, 00, 8B, 75, 08, 85, F6, 74, 75, 83, 3D, FC, F4, 56, 00, 03, 75, 43, 6A, 04, E8, 06, A0, 00, 00, 59, 83, 65, FC, 00, 56, E8, E7, D6, 00, 00, 59, 89, 45, E4, 85, C0, 74, 09, 56, 50, E8, 08, D7, 00, 00, 59, 59, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 83, 7D, E4, 00, 75, 37, FF, 75, 08, EB, 0A, 6A, 04, E8, F2, 9E, 00, 00, 59, C3, 56, 6A, 00, FF, 35, DC, 5C, 56, 00, FF, 15, 38, C1, 51, 00, 85, C0, 75, 16, E8, B3, 03, 00...
 
[+]

Code size:
1.1 MB (1,159,168 bytes)

The file tomb.exe has been discovered within the following program.

Nancy Drew: Tomb of the Lost Queen  by Her Interactive, Inc.
www.herinteractive.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file tomb.exe has been seen being distributed by the following URL.

Scan tomb.exe - Powered by Reason Core Security