home

ttr_ge_helper.exe

TTR Game Enhancers

Publisher:
TTR Game Enhancers  (signed and verified)

MD5:
3e978b06a4f33a05bae7a8df967e3ae0

SHA-1:
5a3a357679da7017ae58fc728e8007aca5fb1a7b

SHA-256:
25270e3b6e318dd38792b6c30b09a7db70e12031237ed657c7546dc06bc66f6f

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
1/13/2025 3:45:28 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAutoB
1.3.0.7744

Qihoo 360 Security
HEUR/QVM19.1.0000.Malware.Gen
1.0.0.1120

Rising Antivirus
PE:Packer.Win32.Mian007.a!493501 [F]
23.00.65.16407

File size:
5.5 MB (5,754,792 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\ttr_ge_helper.exe

Digital Signature
Signed by:
TTR Game Enhancers

Authority:
TTR Game Enhancers

Valid from:
6/18/2015 10:00:00 PM

Valid to:
6/18/2016 10:00:00 PM

Subject:
CN=TTR Game Enhancers

Issuer:
CN=TTR Game Enhancers

Serial number:
2B5EDAC3E76B788A4A28BD8C10B8B5D8

File PE Metadata
Compilation timestamp:
6/28/2013 8:45:44 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:ewAXQee9Wh/gnnMOe621UKm/YGLAeks7LOe4dotCYaYuDA+Bm/DV:ewAWsh5OUUP/dEexlxEYaYua7V

Entry address:
0x815000

Entry point:
83, EC, 04, 89, 1C, 24, C7, 04, 24, 00, 93, 5A, 2F, 89, 34, 24, 57, 89, E7, 81, C7, 04, 00, 00, 00, 83, EF, 04, 87, 3C, 24, 5C, 89, 1C, 24, 89, 04, 24, 50, 54, 58, 05, 04, 00, 00, 00, 2D, 04, 00, 00, 00, 87, 04, 24, 5C, 89, 1C, 24, E8, 01, 00, 00, 00, CC, FF, 34, 24, 8B, 04, 24, 81, C4, 04, 00, 00, 00, 81, C4, 04, 00, 00, 00, 50, FF, 34, 24, 5B, 81, C4, 04, 00, 00, 00, 81, EC, 04, 00, 00, 00, 89, 14, 24, BA, FF, FF, FF, FF, 29, D0, 5A, 52, BA, FF, C7, 7B, 53, 81, C2, 52, 5A, 3A, 33, 81, C2, AF, ED, 62, 79...
 
[+]

Entropy:
7.9951  (probably packed)

Code size:
35.5 KB (36,352 bytes)

Scan ttr_ge_helper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.