versioncheck.exe

EpicPlay LLC

The application versioncheck.exe by EpicPlay has been detected as adware by 3 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler named ArcadeParlor triggered daily at a specified time. This file is typically installed with the program ArcadeParlor by Arcadeparlor.com which is a potentially unwanted software program.
Publisher:
EpicPlay LLC  (signed and verified)

MD5:
a054af2ecbc781ce29965330bdd9f410

SHA-1:
ca51f047ab2c58c8738b668cca57a998198ef717

SHA-256:
839f46831a67819fcd7ec28789547b516e44c45087cb7c5d76eddf648c14e00c

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
11/27/2024 10:57:52 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.EpicPlay
15.4.21.13

Trend Micro House Call
TROJ_GEN.F47V0806
7.2.240

VIPRE Antivirus
Gamevance LLC
24674

File size:
128.6 KB (131,728 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\arcadeparlor\versioncheck.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/4/2013 5:00:00 PM

Valid to:
6/5/2014 4:59:59 PM

Subject:
CN=EpicPlay LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=EpicPlay LLC, L=Newport Beach, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1DB5E86A4E124ECBF9671AAF915B352E

File PE Metadata
Compilation timestamp:
6/28/2013 6:02:04 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:wL45Ou0cz8yzLnffwVx7QWGL9Kd1cOopmsWjcdX+PxBA8aLs1E2+gXfUd:wLfQgUYHMpLExKX+PxBA8bbHXu

Entry address:
0x4762

Entry point:
E8, 91, 5D, 00, 00, E9, 7F, FE, FF, FF, 6A, 03, E8, 45, 5D, 00, 00, 59, 83, F8, 01, 74, 15, 6A, 03, E8, 38, 5D, 00, 00, 59, 85, C0, 75, 1F, 83, 3D, 08, B6, 41, 00, 01, 75, 16, 68, FC, 00, 00, 00, E8, 31, 00, 00, 00, 68, FF, 00, 00, 00, E8, 27, 00, 00, 00, 59, 59, C3, 55, 8B, EC, 8B, 4D, 08, 33, C0, 3B, 0C, C5, B8, 2A, 41, 00, 74, 0A, 40, 83, F8, 17, 72, F1, 33, C0, 5D, C3, 8B, 04, C5, BC, 2A, 41, 00, 5D, C3, 55, 8B, EC, 81, EC, FC, 01, 00, 00, A1, C0, A1, 41, 00, 33, C5, 89, 45, FC, 56, 8B, 75, 08, 57, 56...
 
[+]

Entropy:
5.9310

Code size:
65 KB (66,560 bytes)

Scheduled Task
Task name:
ArcadeParlor

Trigger:
Daily (Runs daily at 2:57 PM)


The file versioncheck.exe has been discovered within the following program.

ArcadeParlor  by Arcadeparlor.com
Owned and operated by EpicPlay LLC, ArcadeParlor is distributed via the InstallIQ download manager. "Premium Games are offered free of charge at the Site in exchange for your agreement to install the ArcadeParlor Software.
www.arcadeparlor.com
81% remove it
 
Powered by Should I Remove It?

Remove versioncheck.exe - Powered by Reason Core Security