zooksgames.exe

GameZooks

The application zooksgames.exe by GameZooks has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gamezooks.com and multiple other hosts.
Publisher:
GameZooks  (signed and verified)

MD5:
03a8153159beba33e69426d3f6ed8acf

SHA-1:
ff0c2130d10a9082b055597eb727df8ecf116da3

SHA-256:
c9c753510769cc2b51dae470bbef4dbda393979a8fbbd719e194a0b6817de9b4

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:46:38 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.GameZooks.Installer (M)
15.7.24.7

File size:
71.1 KB (72,776 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\zooksgames.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
5/5/2015 5:00:00 PM

Valid to:
5/5/2016 4:59:59 PM

Subject:
CN=GameZooks, O=GameZooks, L=Lake Forest, S=California, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
436A67CBE7004F68BAC0199D93406BCA

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:9QpQ5EP0ijnRTXJhm9xdb3BxuSvJmUduMXDAGQNZdCrcmLONiKQlVnXGo:9QIURTXJUdbRzm9MlQ0rZOIKq5

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.4310

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file zooksgames.exe has been seen being distributed by the following 50 URLs.

http://gamezooks.com/zooks/.../ONGBG6XcxwxfltIsAz1nEfXw4VL0d3gcJjBRijEC52CYMJy7eQnzRasLnhq7CtTujoRhe1WK0BbylMOSaeAIfmon9b9NFiaDgEn7W55kgpA==&c=gameId318

http://gamezooks.com/zooks/.../WxZ2HVrkf7 OXrdpOyMyrqrokGYeRqgW4w0mfR4bH8m2FBS02v6hAfhvK9H4ZRE NBxJ5BB5zZY1xIch rL3j8acpAR8c6DiME4HsKVYV bonvAhjjPClQLsgpXsVA2qj aKje5eW07eW0MNn8ME=&c=gameId2811

http://gamezooks.com/zooks/click?cp=YTIyOTU5MzkxMDBYpJ3kuDbh0p vgJ5tYduWFPDUSc0a98Jl 1t33n9bOLGGKa2EoT/.../0xg5u9UyYJGrcRvPBzdnHm0ZWyLas5sZS2J4tbyvVx8CgbdSlhweizwxvIC7vJMvGPuQ2kqOFdOJl3fx7rHc4CWjBvXc6T4sE4iYPVOBWIRO8Q==&c=gameId1263

http://tmzo.gamezooks.com/.../install?ip=YTIwMDA3NjE2MTObsue9tv6XPRSpFs+ljNFBFqXi7wkCoDzisG5+i4ZQOYthAnjbc2YC4Ie3P2QgK/27oR23zfqE+LtaUFF6aABYMALTTSCG0Ob/xkq2j+x9YHZylmjK/TaUxcyNtgfTtvU=

http://gamezooks.com/zooks/click?cp=OTUwMjg3NTY1MjCoqoh/CVEn9sUmq6kQAn1z1RPCoBl3xinqvHgs34to4YXoaBmoghk6 VwRbAALo7oO72jZQU2XodPpKcxlA8tsx23C5ryyUL1kgvLroQ1bYyeZraQutOsoVzKFrfM8SS74syh5mo2R8M9Jc4HdiSKo//.../IwU=&c=gameId271

http://gamezooks.com/zooks/.../cayOczPeHoOlqlpV1sHdZ6dfOvG 0OjPJcYaYWKTeoxUpNJurcq J16h6G3guoNQWELu5Tu27yqHUQLHr&c=gameId2811

http://gamezooks.com/zooks/click?cp=YTE3MTE0MjMzOTiuslbtmHRjqU PgPoB6Z MztjpqH/qMbpBm8kIkIcesMZJBQ1rfHwlbgPxfLLGC7b4ygXqPKDHgBBIkQN16hDDJAwiOJTclVzXxiTNDBs4btrvh/cxJmColGNHep jIIx8M3/.../6n9K0K6nhvuKgU59djHBg==&c=gameId2811

http://gamezooks.com/.../click?cp=YTQwNzc3OTc0MjmUAbAX8YlZcTrAeKhJEQeMoJd2Gv8jGxAcNtFLsjZbBhKn6pAOm3fee2SrXZHgzoenUq2KH5qrfTP6KoqgD2ShxEj9g M8FX1lEfOaoB5MoM5AMI9ss PJmfjirJzSJ2fA0XehKEfvbhMf8CsVqns4BY4wgu9FZqyVVzLMHmaqIf1uYjQSOtSI&c=gameId2811

http://gamezooks.com/zooks/click?cp=YTQxMjc5OTkzNzJeG3 TkaiUWkY72JKn8O38a0UqBgTbN145flZ3Ix/ReVP4Qdt2hRGv4VcVFHxMVHVR4ce8e CqoIFnC4dbdfTsPJZyv42bpm4hFIQzWWTOzC8 EaHGuGW6qxMW/jXCzwb4c/rq9/.../iCI Wvq&c=gameId890

http://tmzo.gamezooks.com/.../install?ip=YTE1NjA2ODU1NzXboUUqDbSzw0+PgPoB6Z+MYUfbkeSxbTYwgFZPFj8PBLdxGgk1m8i6vN6NRfwLh+ATXLWbfn4rPzYyPkVTcGDXEHjkAwJG9E/MAAOJSLFbmjY8t0rpYcfcpjbunSrLAPE=

http://gamezooks.com/zooks/click?cp=OTU1ODU4MDY4OIjt135KGbdeWRoP3PojfIaL/.../QIxflHYQU pGCNrqJav mHJ4wilct1HortY=&c=gameId2811

http://gamezooks.com/zooks/click?cp=YTM0NzUxMjg0NDd1LN7c98LQHHfsZZ JcBd Ursf z/fb4z6pAO9386KxXIqqT6T9TDafkWwMjxpQpgUA3zCa1US2clvmyABEvKBm0WksVDrRyba32Mo3M5 9rHKnAFS7Lz24j45WA/.../mhIAJaBg==&c=gameId2811

http://gamezooks.com/zooks/click?cp=YTE1Mzg5OTg4MjWBcZxrKlFDyMaXa4rDb6HfA/MNumlD/Ip4OI1y5D8UZ8blHPox6andPmog4MYr4FYjas8O2KAgR52GnEX1qNVAw 5nRz5SRUeO5jFyKRC5YtKJKOVklupRAQXbpUqt0TK1hqZaVMW/.../NhdYp2Np6vAqQrj8g==&c=gameId2811

http://tmzo.gamezooks.com/.../install?ip=YTM1MTg1NzM4OTTboUUqDbSzw0+PgPoB6Z+MYUfbkeSxbTaHTTkhffKCDfeTVhFDvpuYRPjgKlb2Yi4TXLWbfn4rPzYyPkVTcGDXEHjkAwJG9E/bi6Io5ECblqJ/JtQ61bRV9ykNAXktvao=

http://gamezooks.com/zooks/click?cp=YTM1OTY1MDEzMjEbRXI87NfwFlNnArGwVQR69d/HX2HXqZv1yw0bp3kW7rH3YcLaa34Xw3ekAUTFonWC/.../Dvg5apnQAQMkgx6uErm3etRND3zo PCwX qcPCbdhI5XWgFkQ7X57RfUyTAmFcFwoOPacs6HDP3J47XQ==&c=gameId3961

http://gamezooks.com/zooks/click?cp=OTc0NjYwMjcxOIjt135KGbde98P JtJA9Fkj73pnvtlh GMqBgsyBnAl3RAyG6zAveFbEm7 lBxIQ1xGZjNcpC90Pwu m7XNdFU8rSdIc4KZIaoliL N4hm/.../kKY6slPhpByadMLxFlW Vww1C3rxvTHCCalvdLzjk=&c=gameId2811

http://gamezooks.com/.../click?cp=YTIyMTk4NTI4ODBYpJ3kuDbh0ilXitBvSXs ReokxcDfQGq koCK5082Yu8spvKVRfq2DvhAenqBZvKFo9W7r41AuAuUtxymKFXAab1gnnPmVLq8Hvp8VoOImmXk8mnPWznJ2SSLNaTmXzE4CEWE7t2x cJu0yN0haTjfUvQEsPegNdWA4MCTipzwA==&c=gameId2811

http://gamezooks.com/zooks/click?cp=YTIwNDc4ODc1NzOQjPdZoHE/to9Qc/ocfSQp72fdLMqhy//9cj7sRZqoR5iX6tnmI3UZQqRX3AHD4Di4fqAWd0iSDcGRkYFmPulKohkLW5zI6bWJ1W ixp1EuMRlsIN8X /.../yvakeMJzluKuy3Hx71XcRSrM2X&c=gameId2811

http://gamezooks.com/zooks/.../YwxdIRyjwfGuXORtW3BH9u5fL2Q==&c=gameId2811

http://gamezooks.com/zooks/.../F8ssYLtvjKBeo8oMeAEEiRA3XqEMPLKjgm0yPrjeh5PaUxWwm7uSYMKDQlnKeUY0d6n6MgjHwzf8maUOIXJzZQj2Gd3LdEGB1CUnz5JwxHhUDtgt27&c=gameId2811

http://tmzo.gamezooks.com/.../install?ip=YTM3MzM4NjE0MDjboUUqDbSzw0+PgPoB6Z+MYUfbkeSxbTbj/XmbKCa/IMyeG0GYPES2V5HlfXm4K0uRJ8Mfz0AEaOPPAuT8z+9E7WQYFp8deAEVtGu+AYez7IyTFjPv7/wPx7sh4DfSv4sB2D2cP2lAZQ==

http://tmzo.gamezooks.com/.../install?ip=YTQwMzQyMTE3MDPboUUqDbSzw0+PgPoB6Z+MYUfbkeSxbTYkCSsnOh/ZTts5s076sCvYhgXUIpWgqCdY0a1TbIQ+OpYTEcTrLw8OYamnIE36gNt7TSw1CL30SQwaO5AFZF1XbmwSelrDveR5PI/DyaCTPA==

http://gamezooks.com/zooks/.../fOw35uaMBfRs5MahCguQczmMYLslEitWD3iRN1c4cNqicGuwOfc=&c=gameId2811

http://gamezooks.com/zooks/click?cp=YTIzODA0MTU4NDb5MPS1p/8gWCjulTqQafNRQrVDNYSB37xtQf2/I94zuJccEy0MBuql5PH4tkB7D4hvyu5UgKB5zyIRt91zJE6JcLt5ODym sMPEibZqavUVHu qkqPSU6gbCeB/.../R f6tuEZAXloCIrlrbXzblDUah&c=gameId263

http://gamezooks.com/zooks/click?cp=OTgyMzE0OTA0Mojt135KGbdefjdOOjMgYfjGCJuw0niDfSclg8RouKnkY2K2cSvFX3Qke X1UqiDku9VRY3A8Z3qW0P19VzhsNctqx9ivC4MlJZujaFIA4dFhUVBeNpPyi3rgoYQieF7GTQBUeROHJtfRUmBh92qp9x7r1tZVgKHGVcL6/.../7QQPoYhs=&c=gameId2811

http://gamezooks.com/zooks/click?cp=YTI2ODcxMjQ3NTd7G4RHWxdQFrnsokZPa5XtPOPhf/o4tmxxsgEEA2Joa5pLF28xhjYDUcS18Wx IBRqzyVzx5cwDl7LzGZfW9XDff0w28xT 2Yu/E2tvPyPePvgg3swooCtgl/oh/.../XOkA0N2tVTQG2SxWI8nNSFzj5e17YP&c=gameId17816

http://gamezooks.com/.../click?cp=OTk0ODY0OTI3MnsbhEdbF1AWNQkVlGi f4bc9oQaQDD cXauglGqcKsmhJ5OpOH0JicFYrZIriRsSwyhdvUaxYH8n6jvatCDiCVk97xrD7LhhmR1PFd4 EnK oXcgJS9Z0PLRwcQUeS 2ofCwpmD3U935CcAqSUO9rKuLR27rBMgKJH4ASsZG91F&c=gameId2811

http://tmzo.gamezooks.com/.../install?ip=YTM1NjkyMzczMDjboUUqDbSzw0+PgPoB6Z+MYUfbkeSxbTYw4PnfCYHT7er5yzF17L2NWc8NjHDY+zfnP0/deX+ikTz0ZWkMw1VOwlPn2eFbEe5+3z7j65s7U+6ei8UGh7FLNZHdNQ0NAVVlhdg/x7J7D+lM/iCI+Wvq

http://tmzo.gamezooks.com/.../install?ip=OTI1NTgwMDcxMi4yKz6JcZ6wbnVxLGWb3taAk4eoxYdL2eBh6XnHCpO9tJSKvWM3GfKX8wuQhhU0JMcm3+h0n/UkbaTX52LHM953f/ue44UwWJEdc0qNNHzR5SxSCt0Dy9HCuHm2RIG7h4m1CVKpiA0v

http://gamezooks.com/zooks/click?cp=YTI3MTc3Mjg0MzONyH38RquVKkU/JuQaNkPD4HorY/ZzeKvO/.../OsBGsaWmqCKY5hnzMxKHhC4KWLxCSH7dhzyiFRmUUlMhK6IJnGkiYMjTmQ0ST3avFM5FTbY8r6Crja0A==&c=gameId2811

Latest 30 of 335 download URLs

Remove zooksgames.exe - Powered by Reason Core Security