» tropico 5 - spolszczenie.exe
Overview
Analysis
File Details
Downloads (1)

tropico 5 - spolszczenie.exe

WindowsApplication1

This is a setup program which is used to install the application. The file has been seen being downloaded from s7125.chomikuj.pl.

File name:

Product:

WindowsApplication1

Version:

1.0.0.0

MD5:

ec511dc165bfa041b5f2695e5871fc05

SHA-1:

85703e00629fc1e3eb49f0f917c9a5ceaf4f3cdd

SHA-256:

037d0f58ff4516c2c54690ebb8252f14dfb01f477f110ebfd12a76f63e24d6cd

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/15/2024 1:05:28 AM UTC (today)

Scan engine

Detection

Engine version

McAfee

Artemis!EC511DC165BF

5600.6538

VIPRE Antivirus

Trojan.Win32.Generic

38280

File size:

7.5 MB (7,821,312 bytes)

Product version:

1.0.0.0

Original file name:

Tropico 5.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\tropico 5 - spolszczenie.exe

File PE Metadata

Compilation timestamp:

7/3/2014 8:15:16 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

98304:QGi7GiQrvGiQGiWyDzefVXKmkByDzefVXKmkByDzefVXKmkByDzefVXKmkpGa:QGiGXDGvGACfGSCfGSCfGSCfGpG

Entry address:

0x75438E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F4, F4, B4, 53, 00, 00, 00, 00, 02, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

7.3 MB (7,676,928 bytes)

The file tropico 5 - spolszczenie.exe has been seen being distributed by the following URL.

http://s7125.chomikuj.pl/File.aspx?e=eO64ylngJZd4oxX7b8uqO-ZfxVZmWKNwJokwbSaZHcissQUQE50PTHoik0Yv3GPPDfPdC_X5zMys6rul1sK9Yd0yfeJFu8KdFc7hM5Y3f269lqvP9jfP5fOxQ8ckPs0EdpBi_en6A4uHO5sJglfUzzccSnvTFGgMcfaas6HY_Dk&pv=2

Scan tropico 5 - spolszczenie.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.