» age2upa.exe
Overview
Analysis
File Details
Programs (2)
Downloads (25)

age2upa.exe

setup

Microsoft Corporation

This is a self-extracting archive and installer. This file is installed with multiple programs including Microsoft Age of Empires II: The Conquerors Expansion and Microsoft Age of Empires II. The file has been seen being downloaded from w2.getpedia.net and multiple other hosts.

File name:

age2upa.exe

Publisher:

Microsoft Corp. (signed by Microsoft Corporation)

Product:

setup

Description:

setup

Version:

1, 00, 08, 3002

MD5:

20b9fd4ebd51d0375882f4f510ca7c36

SHA-1:

06f9961216f61f7e29a55e0a5054462e25e4af82

SHA-256:

70a98c47ec57b64e49fbbc08f0ef0900a1833016f54d492a188d778d7005067d

Scanner detections:

1 / 68

Status:

Clean (1 false positive detection)
Whitelisted (by digital signature)

Analysis date:

4/20/2024 12:56:28 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

c:\users\test\appdata\local\temp\2f86056379b0930e9ec3702725f3e41b33c9bb99 c:\users\test\appdata\loca

9.0.1.05190

File size:

2.5 MB (2,643,424 bytes)

Product version:

1, 0, 0, 1

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

Microsoft Corporation

Authority:

VeriSign, Inc.

Valid from:

4/4/2000 2:00:00 AM

Valid to:

4/18/2001 1:59:59 AM

Subject:

OU=Microsoft Corporation, CN=Microsoft Corporation, L=Redmond, S=Washington, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU="www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)98", OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Issuer:

OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Serial number:

75F28EF8A8FBEA6D11529714954B655C

File PE Metadata

Compilation timestamp:

8/30/2000 11:25:58 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:gkciFTpnCQBRJm41HyCoYE0STQt0oI019LdcV/W+uj6wr68Vzm8wzKC:gZWsAJmcH5oYE0STQtnI0fLQBqZzTC

Entry address:

0x1A83F

Entry point:

55, 8B, EC, 6A, FF, 68, E8, 8B, 42, 00, 68, 00, F2, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 4C, 82, 42, 00, 33, D2, 8A, D4, 89, 15, 20, 55, 43, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 1C, 55, 43, 00, C1, E1, 08, 03, CA, 89, 0D, 18, 55, 43, 00, C1, E8, 10, A3, 14, 55, 43, 00, 6A, 01, E8, FE, 31, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, EA, 46, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

156 KB (159,744 bytes)

The file age2upa.exe has been discovered within the following programs.

Microsoft Age of Empires II by Microsoft Corporation

Age of Empires is a history-based real-time strategy video game. Developed by Ensemble Studios and published by Microsoft, the game uses the Genie, a 2D sprite-based game engine.

1% remove it

Microsoft Age of Empires II: The Conquerors Expansion by Microsoft Corporation

Age of Empires II: The Conquerors Expansion is the expansion pack to the real-time strategy game Age of Empires II: The Age of Kings. The Conquerors is the fourth installment in the Age of Empires series by Microsoft Game Studios and Ensemble Studios.

2% remove it

The file age2upa.exe has been seen being distributed by the following 25 URLs.

http://w2.getpedia.net/Data/Soft/Free/.../Age2upA.exe

http://www.tamindir.com/indir/MjAxNi0wNy0xNyAxMjoxOTo1OQ==/age-of-empires/.../2-update

http://www.moddb.com/downloads/mirror/22589/.../a8bf83ac7b501e4f518431bfb7eb93a6

http://www.moddb.com/downloads/mirror/22589/.../e2fddd4c9f1cbe7cfe8d277e1763b2c2

https://r99-777-29.tot13-per12-la22.com/stream/.../l5QqWlhs2bJ90vHkK3BzIE=

&onid=2119&oid=3001-2119_4-12183&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/strategy-war&topicbrcrm=&pid=44157&mfgid=50119&merid=50119&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=699463a363892feb922203c9&viewguid=gbca-k7a5k9aoIQfhl7lDucHZuFTBuAhrvpO&destUrl=http://files.downloadnow.com/s/software/44/15/.../Age2upA.exe

http://www.moddb.com/downloads/mirror/22589/115/410fe488a138e27b205aa9d952a986d4/?referer=https://.../

&onid=2119&oid=3001-2119_4-12183&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/strategy-war&topicbrcrm=&pid=44157&mfgid=50119&merid=50119&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=d0be8a68b8234975a8d13f64&viewguid=f@sEE3zblQ2jZRo9jrWI98yjsrRXzHBgrFk1&destUrl=http://files.downloadnow.com/s/software/44/15/.../Age2upA.exe

&onid=2119&oid=3001-2119_4-12183&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/strategy-war&topicbrcrm=&pid=44157&mfgid=50119&merid=50119&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=c94230835fc960a7c6f599b0&viewguid=g@-nZFKnzb8x5-yPPx3xqK3RFFu7DRqy6K2z&destUrl=http://files.downloadnow.com/s/software/44/15/.../Age2upA.exe

&onid=2119&oid=3001-2119_4-12183&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/strategy-war&topicbrcrm=&pid=44157&mfgid=50119&merid=50119&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=6c81d9a050a7ada7690c69f1&viewguid=g8-XCGxXRWudevpSvOVrg4QCemi66YS4dOGO&destUrl=http://files.downloadnow.com/s/software/44/15/.../Age2upA.exe

https://doc-08-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7o3nhnu1ail9hqcv40vhvktdqomfrqf2/1473033600000/04183127029279317528/.../0B5tZN2MgyruOZng1SjB5TC00RjQ?e=download

&onid=2119&oid=3001-2119_4-12183&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/strategy-war&topicbrcrm=&pid=44157&mfgid=50119&merid=50119&ctype=dm&cval=NONE&devicetype=desktop&pguid=b7eed3fc32dff576c340f520&viewguid=cqQBhiqtX31CDxBZQzY0rOhQ0rQvo9mK5HP@&destUrl=http://files.downloadnow.com/s/software/44/15/.../Age2upA.exe

http://www.techtudo.com.br/_/software/.../download

http://w2.mien-phi.com/Data/Soft/Free/.../Age2upA.exe

http://files.lonebullet.com/age-of-empires-ii-the-age-of-kings/.../the-age-of-kings-update-20a-english.exe

http://software-files-a.cnet.com/s/software/44/15/.../Age2upA.exe

https://dl-web.dropbox.com/get/Age of Empires II/.../age2upa.exe

http://files.downloadnow.com/s/software/10/72/55/.../Age2upA.exe

http://www.moddb.com/downloads/mirror/22589/.../39fc2fdbfd2ee5ce0c6b59a5d33bf132

http://w7.mien-phi.com/Data/Soft/Free/.../Age2upA.exe

http://www.voobly.com/files/view/17473896/.../Age2upA.exe

http://www.moddb.com/downloads/mirror/22589/.../2a54b6561dc90d712d1445e7ff9c3c7a

https://download.microsoft.com/download/aoeaok/Update/2.0a/W9XNT4/.../Age2upA.exe

http://files.downloadnow.com/s/software/44/15/.../Age2upA.exe

http://download.microsoft.com/download/aoeaok/Update/2.0a/W9XNT4/.../Age2upA.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.