home

Game.exe

TianLongBaBu

Beijing AmazGame Age Internet Technology Co., Ltd.

The application Game.exe by Beijing AmazGame Age Internet Technology Co. has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Changyou.com limited  (signed by Beijing AmazGame Age Internet Technology Co., Ltd.)

Product:
TianLongBaBu

Description:
TTL3D

Version:
0, 85, 0, 0

MD5:
5b24c59e5077229325d64cac3a547fcb

SHA-1:
1a923cd5ac1386ef80f5e03da500136604f1e13c

SHA-256:
5d03c857dc11c9013ef9d7fd5f1b30d860378b54a62bde966fafbd5e1e6f5e60

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
9/21/2024 2:20:27 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.BeijingA
17.2.22.3

File size:
2.6 MB (2,686,536 bytes)

Product version:
0, 85, 0, 0

Copyright:
(C) 2008-2009 Changyou.com Limited.All Rights Reserved

Original file name:
Game.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\vng\tanthienlong\bin\game.exe

Digital Signature
Signed by:
Beijing AmazGame Age Internet Technology Co., Ltd.

Authority:
Symantec Corporation

Valid from:
3/18/2015 7:00:00 AM

Valid to:
6/17/2018 6:59:59 AM

Subject:
CN="Beijing AmazGame Age Internet Technology Co., Ltd.", O="Beijing AmazGame Age Internet Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
32986F1A747EDB31B8BB8BD88A2A0D03

File PE Metadata
Compilation timestamp:
2/15/2017 6:34:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

Entry address:
0x1000

Entry point:
68, 01, F0, 46, 01, E8, 01, 00, 00, 00, C3, C3, 75, 78, 97, 23, AB, 50, 1D, BE, DB, 63, 0A, D5, 4B, DF, 1A, CA, 40, 4E, 8A, 04, 37, F0, D1, CC, 35, 59, 0A, 18, C2, 49, 6F, 50, DD, F1, AC, 77, F0, 24, FE, 9D, 9E, A4, 4F, 0C, F9, 8F, 71, 5D, 43, E5, 1A, 94, AF, CD, 41, CE, 30, 6B, D1, A2, 74, E9, 44, 9E, D5, 8B, 21, 04, 32, C6, EB, 11, C8, D5, 00, 05, 69, 7E, 5C, BB, 35, 37, BA, 06, 90, 0D, 97, 80, 89, 96, 91, A8, 70, 07, AF, 18, 60, 36, 68, 32, 89, BD, 5D, CF, DF, 98, F7, 8F, 41, 02, 35, F7, B5, 91, A8, 54...
 
[+]

Entropy:
7.6930

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
4.6 MB (4,780,032 bytes)

Remove Game.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.