versioncheck.exe

EpicPlay LLC

The application versioncheck.exe by EpicPlay has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler named ArcadeParlor triggered daily at a specified time. This file is typically installed with the program ArcadeParlor by Arcadeparlor.com which is a potentially unwanted software program.
Publisher:
EpicPlay LLC  (signed and verified)

MD5:
de968a02b040d04d32484c8a19e4b6ca

SHA-1:
3b455d59b85bc0a6f4e34edd91bc86310e800ce2

SHA-256:
68bbf422353795e6369337817e792eab4691628010f64d8e66b0c6a02f78096f

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/30/2024 3:28:28 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.EpicPlay (M)
16.12.14.23

File size:
125.9 KB (128,936 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\arcadeparlor\versioncheck.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
9/29/2013 7:00:00 PM

Valid to:
9/30/2014 6:59:59 PM

Subject:
CN=EpicPlay LLC, O=EpicPlay LLC, L=IRVINE, S=California, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
4943770084438BB2C2C1CE4C8278F7E8

File PE Metadata
Compilation timestamp:
7/1/2014 3:25:38 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x4762

Entry point:
E8, 91, 5D, 00, 00, E9, 7F, FE, FF, FF, 6A, 03, E8, 45, 5D, 00, 00, 59, 83, F8, 01, 74, 15, 6A, 03, E8, 38, 5D, 00, 00, 59, 85, C0, 75, 1F, 83, 3D, 08, B6, 41, 00, 01, 75, 16, 68, FC, 00, 00, 00, E8, 31, 00, 00, 00, 68, FF, 00, 00, 00, E8, 27, 00, 00, 00, 59, 59, C3, 55, 8B, EC, 8B, 4D, 08, 33, C0, 3B, 0C, C5, B8, 2A, 41, 00, 74, 0A, 40, 83, F8, 17, 72, F1, 33, C0, 5D, C3, 8B, 04, C5, BC, 2A, 41, 00, 5D, C3, 55, 8B, EC, 81, EC, FC, 01, 00, 00, A1, C0, A1, 41, 00, 33, C5, 89, 45, FC, 56, 8B, 75, 08, 57, 56...
 
[+]

Entropy:
5.9253

Code size:
65 KB (66,560 bytes)

Scheduled Task
Task name:
ArcadeParlor

Trigger:
Daily (Runs daily at 8:26 PM)


The file versioncheck.exe has been discovered within the following program.

ArcadeParlor  by Arcadeparlor.com
Owned and operated by EpicPlay LLC, ArcadeParlor is distributed via the InstallIQ download manager. "Premium Games are offered free of charge at the Site in exchange for your agreement to install the ArcadeParlor Software.
www.arcadeparlor.com
81% remove it
 
Powered by Should I Remove It?

Remove versioncheck.exe - Powered by Reason Core Security