yandere simulator-october 16th.exe

Som

Parsec Media S.L.

The application yandere simulator-october 16th.exe, “Som Setup” by Parsec Media S.L., has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine, which may bundle additional software offers, including toolbars and browser extensions. The file has been seen being downloaded from www.giftvaultbinaries.com.
Publisher:
Parsec Media S.L.  (signed and verified)

Product:
Som

Description:
Som Setup

Version:
1.0.5.0

MD5:
8afbd62a944630770b3d78c8409da346

SHA-1:
8d297b3bd81d8623cdf068db7a070d1409739402

SHA-256:
7418dfcd32f6ac553cbfdfcfab6e88670c0c64237ca59c3173b4d7077d04788f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/5/2024 11:47:08 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCore (M)

Engine version:
17.3.11.17

File size:
1.2 MB (1,257,976 bytes)

Product version:
4.1

Copyright:
File Wizard

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\yandere simulator-october 16th.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/20/2016 3:02:38 AM

Valid to:
1/20/2017 3:02:38 AM

Subject:
CN=Parsec Media S.L., O=Parsec Media S.L., S=Barcelona, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121664972E6D57B8AC3433073871EDF1FEA

File PE Metadata
Compilation timestamp:
6/19/1992 10:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file yandere simulator-october 16th.exe has been seen distributed from the following URL:

http://www.giftvaultbinaries.com/IYwsg50eXGseKe48PIfn2YNIokARIrKyPXbIgsnDXStl2nYvsTsoYnFH9q3bXXTlfOX p157qZkbk22CRb 9N_DdGd0_v_fqMcLGWJ0wGbdL97TrJcUcbUPS6zqlD_xmEFz4e39kEhMedoY4LCSG7qCx5VOcJ1PXDUUsqeDb9EZSjYt12C4TxQ7dZyTtoxvQ3n8yXxZ4Qhlk0Y4DPBTimTdzA1ItYQvZsLloZI5n3p1bbYbeKaMxoz3Trg6da30RLbmCh2hMEPA2hc2M9MiqOCa4M_9QdbJqwqNqUYxY6YW6Z44NnyxZYFRBLxcRc77CYgId7MdL_2Zzm48K4fP4rbFDhfIKy_Borh6PhXxlg_j1mpZJtpiFYT8EsLCO6WhUxz6IJk4gRxzKTf8INYDGDbG8pK1f1MN2Jv 6rHxKf74BP0ZYxgLO nQ6cLY9r0nZt6HWccDNWfLtJ0qGx8rZunfcdE1Iw24HwA0vWAcqHPvrXsamCA=-G1gAAMTaOU5PllU2k_HpQuHr eKUA9bWlqQRpwHAle4xlvENiTJpjVlysXa TtlkBUhFzBMNXa4v7 xP5Llt8RMl78R22oCStBccPgA=
