» 771cartes.exe
Overview
Analysis
File Details
Downloads (4)

771cartes.exe

NataS

The application 771cartes.exe has been detected as a potentially unwanted program by 18 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download1808.mediafire.com and multiple other hosts.

File name:

771cartes.exe

Publisher:

NataS

Description:

YGO - 771 Cartes

Version:

1.2

MD5:

4a2f178ab8f6bd21888645fe0f32e904

SHA-1:

68d23aa3188a859f45cb693b98bf852d4d47d5f4

SHA-256:

def4c2c41d3693f8317aca8d13a0d6ed890435421505ca32fc071c80f6763d89

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

5/9/2024 1:53:21 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.Rabio

4.0.3.15226

Comodo Security

UnclassifiedMalware

21090

Dr.Web

Adware.Rabio.66

9.0.1.057

Fortinet FortiGate

Adware/Rabio

2/26/2015

IKARUS anti.virus

not-a-virus:AdWare.Win32.Rabio

t3scan.1.8.6.0

Kaspersky

not-a-virus:AdWare.Win32.Rabio

14.0.0.2426

McAfee

Artemis!4A2F178AB8F6

5600.6842

NANO AntiVirus

Riskware.Win32.Rabio.hcyvh

0.30.0.65070

nProtect

Trojan-Clicker/W32.Rabio.557665

15.02.13.01

Panda Antivirus

Adware/Rabio

15.02.26.04

Quick Heal

AdWare.Rabio.ej.n8 (Not a Virus)

2.15.14.00

Rising Antivirus

PE:Trojan.Win32.Generic.1232BFBC!305315772

23.00.65.15224

Sophos

Generic PUA GI

4.98

Trend Micro House Call

ADW_RABIO

7.2.57

Trend Micro

ADW_RABIO

10.465.26

Vba32 AntiVirus

AdWare.Rabio

3.12.26.3

ViRobot

Adware.Rabio.557665[h]

2014.3.20.0

Zillya! Antivirus

Adware.Rabio.Win32.45

2.0.0.2068

File size:

544.6 KB (557,665 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\yu-gi-oh! myth of atem\771cartes.exe

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:98WmAFsS8m8vCD92fz/OOlPkCR5iuJig7WAGy1YkKkMPgQiwO9ETflJs:mWmAF+Q9irOIbR3J1He44oEA

Entry address:

0x23C18

Entry point:

55, 8B, EC, 83, C4, F0, B8, 08, 3B, 42, 00, E8, 28, 1C, FE, FF, E8, E7, FC, FF, FF, E8, 66, 04, FE, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

139.5 KB (142,848 bytes)

The file 771cartes.exe has been seen being distributed by the following 4 URLs.

http://download1808.mediafire.com/451716kd6hvg/.../Patch_Cartes.exe

http://files01.arabsh.com/file/1419077252/.../All Cards.exe

http://download2004.mediafire.com/neqql4cdndkg/.../771cartes.exe

http://download2004.mediafire.com/3zl1hl3pnqtg/.../771cartes.exe

Remove 771cartes.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.