yandere simulator-march 17th.exe

Fapages

Parsec Media S.L.

The application yandere simulator-march 17th.exe, “Fapages Setup ” by Parsec Media S.L has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.giftvaultbinaries.com.
Publisher:
Parsec Media S.L.  (signed and verified)

Product:
Fapages

Description:
Fapages Setup

Version:
3.4.1.5

MD5:
b57d12373b70a34bd5dd32504c6669ad

SHA-1:
ecb376a57b9350f0cb1cc5e0b618ad06e79a236b

SHA-256:
9e831f0cce2e8d39079fbbf163dd1272a985c3e33dade214dcbdfe1125ca0019

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/5/2024 11:33:20 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore (M)
17.3.11.17

File size:
1.2 MB (1,280,496 bytes)

Product version:
3.3

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\yandere simulator-march 17th.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/20/2016 3:02:38 AM

Valid to:
1/20/2017 3:02:38 AM

Subject:
CN=Parsec Media S.L., O=Parsec Media S.L., S=Barcelona, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121664972E6D57B8AC3433073871EDF1FEA

File PE Metadata
Compilation timestamp:
6/19/1992 10:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file yandere simulator-march 17th.exe has been seen being distributed by the following URL.

http://www.giftvaultbinaries.com/uXywjoUYUYUvSnDJeBxnS7YOmTW8TuJWLmtfhAC2wCcJgtCKWKjSqHB5YvlS9lHrU0Vx8cR4Te77DGP0HK_UINZ5be6XcvrCgHlAwnMs OnyMkftgDgnCTpDlzVMbM8r14zFKnPaY JgJ97fEQoCDrNgd8_2ZLzZu0vmYYIIZydjkGAxyOJyePFbrv_3N5MgHwuDY0d7 cKUdCSYvTiu7iyaRuk6AmoVBrAFAzF_B_B06HnfhijdfAEW2fYr3mlMA4nYESnId4EGNLv8 XA4mXRmu4qycMtCsG0MtBj7wLvhENXmSvBwINZoA5TRhz5bKWvZcl1oePthVmPqiaT3eF _UqaVwiZe4vSAW2oHlOZ3IQhkdrzLuJefZvFz4LpuTC8vr_ypyGxMBAiQp7DSN7LZZ7J6V W_doqAr5IPmxjCxc2E2JsUKnOntfM6lnvOI9xTkbQMCYNJ 9oPuy04utwixyDdIw==-G1gAAMTaOU5eJsNuNRlfnafo65_ilAPW1pakEac5nOnOQx1_R1J0jmmNWXKxCTspO1gB0hHzlAdRj 06 xN1nbf5qpF6Mu9M U7y8Qkf

Remove yandere simulator-march 17th.exe - Powered by Reason Core Security