home

yandere-simulator-downloader.exe

Yandere Simulator

Yandere Dev

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from yandere-simulator.en.softonic.com.
Publisher:
Yandere Dev

Product:
Yandere Simulator

Description:
Yandere Simulator Setup

Version:
1.0

MD5:
9e2273a957fc63453388a56130523f18

SHA-1:
60b762dc12c61dd4d1f863860f517f8a11ef03ac

SHA-256:
e9659161c72f98e309d0c2bf192828ebd9cdf1abf62dd0fd1906f2ab940b4069

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 2:23:04 PM UTC  (today)

File size:
6 MB (6,313,003 bytes)

Product version:
1.0

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\yandere-simulator-downloader.exe

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:XziZFo6w44Gt/my50kvrWKpWRPQaFoPSD:cZPmXkvSKOPcI

Entry address:
0xA5F8

Entry point:
89, D1, 68, 8B, 7C, FC, 00, 52, F6, DF, 0F, CF, FF, CE, 38, DA, 85, C8, 8D, 0A, 18, D7, 80, F6, 5C, 0F, B7, F2, 0F, AF, DB, B3, 31, 68, 23, 0E, 00, 00, 69, D1, 27, 63, 3B, 18, 5F, 43, 72, 02, 8A, F6, 8D, 15, 5D, 72, 61, DA, 02, D1, 8A, DD, 68, 37, 00, 00, 00, 8D, 1D, C1, AD, 39, 07, 5B, 81, EB, 37, 00, 00, 00, 0B, DF, 53, BA, B1, 96, DE, 8E, 5A, 8D, 1D, FE, B6, D0, 7F, 8D, 32, 0F, CA, 8B, EE, 0F, BE, F1, F7, DB, 81, F5, 23, 0E, 00, 00, 0B, D1, 8D, 29, EB, 08, 8D, 0D, F6, CA, 1A, FE, 03, F1, 87, F7, 33, C5...
 
[+]

Entropy:
7.9993  (probably packed)

Code size:
39.5 KB (40,448 bytes)

The file yandere-simulator-downloader.exe has been seen being distributed by the following URL.

http://yandere-simulator.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOKkYzUiVWQorfMH2Ywb6QfUNX3mPdrjcTC9T1sSZMTv/3QV5K/.../RE3GXwbmF4YdbVrVE 4xlTm60PQFczypQ2 bMJ84Elz75BQ1aawNkQ5jQ=

Scan yandere-simulator-downloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.