home

ttr_ge_helper.exe

TTR Game Enhancers

Publisher:
TTR Game Enhancers  (signed and verified)

MD5:
6ed34e9f9f6564e86c815a3773b61926

SHA-1:
e415c223d29fdac2b8b57778d8227d027fba5ef0

SHA-256:
4b3e82615bc6cd4396ad7de7d444066d9a8bc9cfbf911c64fa342cc5e5841c45

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
1/13/2025 3:52:40 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAutoB
1.3.0.7383

IKARUS anti.virus
Trojan.Win32.Themida
t3scan.1.9.5.0

Rising Antivirus
PE:Packer.Win32.Mian007.a!493501 [F]
23.00.65.16129

File size:
6.1 MB (6,430,704 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\misc\toontown rewritten ge\ttr_ge_helper.exe

Digital Signature
Signed by:
TTR Game Enhancers

Authority:
TTR Game Enhancers

Valid from:
6/19/2015 12:00:00 PM

Valid to:
6/19/2016 12:00:00 PM

Subject:
CN=TTR Game Enhancers

Issuer:
CN=TTR Game Enhancers

Serial number:
2B5EDAC3E76B788A4A28BD8C10B8B5D8

File PE Metadata
Compilation timestamp:
6/28/2013 10:45:44 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:M/q69qg7IJ0sYKtbAcid1r0S/6gdROMMb76hV4Xqd9aEjeprCoxxUXNpueMT:kqmv7EvtbiLddRkbuhV4XgJjXoizJ+

Entry address:
0x89B000

Entry point:
50, 89, E0, 57, BF, 04, 00, 00, 00, 01, F8, 5F, 2D, 04, 00, 00, 00, 87, 04, 24, 5C, 89, 34, 24, 51, 56, BE, FE, 53, C5, 7C, 89, 74, 24, 04, 5E, 89, 04, 24, 50, C7, 04, 24, 77, 4B, FB, 52, 89, 1C, 24, E8, 01, 00, 00, 00, CC, FF, 34, 24, 8B, 04, 24, 81, C4, 04, 00, 00, 00, 81, C4, 04, 00, 00, 00, 52, 50, 50, B8, 74, 85, DB, 7E, 01, 44, 24, 04, 58, 5A, 81, EA, 74, 85, DB, 7E, 89, D3, 5A, 52, 53, BB, A0, 7D, E5, 3B, 81, EB, DF, 34, 70, BD, 89, DA, 5B, F7, D2, C1, E2, 06, 42, 81, F2, 7E, 30, 52, 9D, 29, D0, 5A...
 
[+]

Entropy:
7.9898  (probably packed)

Code size:
35.5 KB (36,352 bytes)

Scan ttr_ge_helper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.