» alarmfuercobraelf.exe
Overview
Analysis
File Details
Downloads (21)

alarmfuercobraelf.exe

dtp entertainment AG

This is a setup program which is used to install the application. The file has been seen being downloaded from data2.stiahnut.sk and multiple other hosts.

File name:

Publisher:

dtp entertainment AG (signed and verified)

MD5:

a42839551ffd94fa31665216bc8cc032

SHA-1:

39b7c230220cb63d15fbcc3d9db63a82b7802e60

SHA-256:

542bf4adee631b0bc1bf8304c1d06985898fd92dc3df0ea7f3a5046d6e15ea43

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/8/2024 12:10:54 AM UTC (today)

File size:

356.9 MB (374,233,032 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\alarmfuercobraelf.exe

Digital Signature

Signed by:

dtp entertainment AG

Authority:

GlobalSign nv-sa

Valid from:

10/26/2010 2:48:29 PM

Valid to:

10/26/2012 2:48:25 PM

Subject:

CN=dtp entertainment AG, OU=Development, O=dtp entertainment AG, L=Hamburg, S=HH, C=DE

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000012BE8C821B0

File PE Metadata

Compilation timestamp:

3/15/2010 7:27:50 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6291456:P1Gr0BbeQQyN6RtmpKrrHyY1UV/G7VCrk22GZB5jXXg+c6:QYw5Vrm0ODVe7mksB5jlD

Entry address:

0xA7B1

Entry point:

E8, E3, FE, FF, FF, 33, C0, 50, 50, 50, 50, E8, BE, 2B, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, D0, A7, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 1C, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 1C, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, AF, AC, FF, FF, C3, 55, 8B, EC, 83, EC, 1C, 56, 33, F6, 56, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 40, 22, 41, 00, 85, C0, 74, 21, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 44, 22, 41, 00, 8D, 45, E4... 
[+]

Code size:

66 KB (67,584 bytes)

The file alarmfuercobraelf.exe has been seen being distributed by the following 21 URLs.

http://data2.stiahnut.sk/downloadFile.php?n=YWxhcm0tZm9yLWNvYnJhLTExLXRoZS1zeW5kaWNhdGUtY3Jhc2gtdGltZS1pdl80LmV4ZQ==&s=5mdtfu4j9u3cqt9v7ieh6f2sd3&r=ab71f957f9d89d185e12d77ebb725109

http://gsf-cf.softonic.com/39b/7c2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=315209&instance=softonic_de&type=PROGRAM&Expires=1484885966&Signature=gLtxM1V1qwCPYMakTLi2mDye16tXmrkL3R6VQkVFUu80Yiyot2hyOZxD41aPTYQrQnm2zyYMNDJyc2grL~UQXfsx~GmI4p0mDKfUs1GRbccTY5rQeI3AGYZrhKK1YjisdvD3wUx5Q-8VgVQcrQY4AcA0agfu5yGxRgWoc-e96sk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CT4_DEMO_setup_EFG.exe

http://www.toucharger.com/.../8c5dea6d.dl

https://www.eleven-games.net/download.php?fileID=1697

http://gsf-cf.softonic.com/39b/7c2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=315209&instance=softonic_de&type=PROGRAM&Expires=1477807143&Signature=Kj6wQjNRSGrskzlyNH5vQZfUZw4NhdpSlo6HF0KlC9bJ~IXEUvhittHJEwpG3gVR7dl4RjVKcez5R4carwiPlsh0cx4IT7DumXqqidKhCKd3Ko93KTUeVxrW-IwXRxFk18t7Dec5W7sXQewByIBYbi8zslYUdjhehZ2GTQj6HOs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CT4_DEMO_setup_EFG.exe

http://www.tagbulkmega.com/lbnaCWjh0JSbBONTPIHXSpfcmoEx75iMJsPHY FwtRCUTsz0QRxPo47ldhamHJkVk8DK9 7F2JUxaUS0PN5HPxRXaockQ01iBfHJfo0NwZuxl4cJiHpyYUISolpP9SQvn4W0EjYBjNLtmu_p6z8Noif4NGMdpt5ziZ5dXwMq9U1DcequC3J5w8OWfirIFUynmrIUtt7NA8Zk NJoeGTvpUfWUH5TDeJQ46B6UDbwS2azpwXtKM8AUYR6WMnW_H2 2dn4sY7ZGPi_H2kQnXiYFXbJxs8gO_CagAlfk1lQAxxb8GeRqa184REjKqvpzPmakgQtRTE0mX6jKZ50cKxlCQE8T YibNj4knLlCRiMYztiCcDUC2BeO06pU8deRNVqfsJ2iZONDU_9BgXNdxtBEjkF65Ow5IazljSm3pdAaGFaRDqvZFrl9fKj4JX9xipZJM3oRVzLtfk72XuT2jde1c kgTWXCb99ajb9Z0vclWeD26smtgQBmF ffwbyE4gjBY7Z6qRlGmpYMLpaXErUI3rjr_mdRa 8fIabk052MuhJNSZvL3cYer7oGa96EYYpayYiukmv-G2YAAGRkXa1dE7BuPmEDDlwKZNJxQBsmcsIt6HbXGHpD074f7Sq0hglXa3Vv4P0mYFP0E0RRsK0e8Pnv7bRUL6j7dfLzEpmm JLxgtv5 S3e4856XlyrQCeiBIPRJE6jDA==-e

http://data2.softmania.sk/downloadFile.php?n=YWxhcm0tZm9yLWNvYnJhLTExLXRoZS1zeW5kaWNhdGUtY3Jhc2gtdGltZS1pdl80LmV4ZQ==&s=3vbc968n0tjqgo3r8tk4hp8215&r=6d39a3d05c0416f242f398d6bcde94e2

http://gsf-cf.softonic.com/39b/7c2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=315209&instance=softonic_de&type=PROGRAM&Expires=1476507179&Signature=HJNSQ7EfeRChxfkonUd75b0ihLyXe6y3YqAW0aNZ49UU9ooEZ0RRzlsm4XGGQJBnlzZoqdnz6yasl5pFJJEiIdWWjHZy5zXqYhNJ9~6SceVHBRjBBTK8o7Cxl5plJUeXs9fElai3R7tjSO6H9XcWz0NLB9NB0m-a7JWT30t8xC0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CT4_DEMO_setup_EFG.exe

http://i.download.idg.pl/fannef/138f541867b1e21a18f88e0fad294c00/57f20b5f//zx/cyberjoy/dema/c/.../CT4_DEMO_setup_EFG.exe

https://secure.giga-downloads.de/dl/.../

http://www.tagquickcontent.com/PNFu5C1RxQlwdGECrtmhfAeB1ppb1FSvLwKphyp4u3lJAN5ZX__WUFkhCfjvJdT1MXLsFRMkv4Fhr4bfMKDsMtZFe_wYq336v4IqZXWhZVoF2tZ265NXvitHsNCA0RKnEyoBCn 3z1UNIPtdO2L4n8CL6HH DK49K43ffIE2YaK wkmP0eA6k3aATGo8K_M2eSvRb2r73NtGCDv7TYVBzmbjuweQrbdLmeharV36n sKa6JEWxdCtLie5j D8Wj64ddQTCORSPEj1CYxKGXOqLng3QD xrD51o4TSeUrsXrq5k8bozUawyznApflGaq8rTDu7eAV33rZgy61jMgzSfdVZr3GwKkyC1F1wKuNX9MZgroLCjHwFNg8bdwpTAKYcCc_7zmz_3eQH3xbxs7W0vFDe3sEaAcGdMBoZ01X4wshsZfbf4=-G0AAAETnFhvAZmiKJmexP2FmEzfBIQcOX8nNAsJgY xcwaBeWeOCpGsDWZpaezKURev1ct0FzebC9XwB64P8Ow==-e

http://gsf-cf.softonic.com/39b/7c2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=315209&instance=softonic_de&type=PROGRAM&Expires=1448266912&Signature=WzUcHGccC2I-DrGhRdX0nw0lh3PhST2RPnf6bkT7Oo653pFJ4JwtE9xY42328YJVIi-EKdxll0swwH7--CcVKdbeVZn1iy2A-Ik6~mWQAzGFbHSsrJV6X6vWjOCyUe8KYbv09JtgDsDYhLYck6ygBIlu5q4GvCzOSKIHTZhxntQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CT4_DEMO_setup_EFG.exe

http://games.softpedia.com/dyn-postdownload.php/5328ec71030d02eb4c570e8c01201693/57891975/141fd/.../1?tsf=0

http://dl.cdn.chip.de/downloads/.../AlarmfuerCobraElf.exe

http://letoltes.szoftverbazis.hu/shwZ8QzJwYzHcJirZO_lHw/1458924911/.../CT4_DEMO_setup_EFG.exe

http://static.letoltokozpont.hu/letoltokozpont.hu/programok/.../CT4_DEMO_setup_EFG_110211.exe

http://gsf-cf.softonic.com/39b/7c2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=315209&instance=softonic_de&type=PROGRAM&Expires=1436961159&Signature=PScqv3SUj0~QU28K1be8aGHonkbAeyHfZvzqYFikaoBmYCNkAeqYcWpfGcxTxZcd96tfYxqmdvw1N7IIDrTTFGIUX6fRfZuu1-LhnhA8gAdEI7xQb9CkfkUWqLbnvMGl8XJSgNJN0y9W2xipksftV8WXR0wRi4XFimv~-90xqUQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CT4_DEMO_setup_EFG.exe

http://i.download.idg.pl/fannef/a952cbd3ae09efd25bc8c1ce1149fc54/56bcd79b//zx/cyberjoy/dema/c/.../CT4_DEMO_setup_EFG.exe

http://gsf-cf.softonic.com/39b/7c2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=315209&instance=softonic_de&type=PROGRAM&Expires=1455605549&Signature=HR7LCa2HqM36DrKA59ZxgyH3KVcNhPZoluDdRCqjOSukwld3P38ZamsF6~Ii4pG-CiIGG5vrONvMCvrQnDW~dcgGQ6nL2bKweQq7dABd1GuuIDtCFFFoUl-nZbH5sxEInTCwu7ePFLLPuArSuexrHlokfU3oqLikH4B6kUpfeOw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CT4_DEMO_setup_EFG.exe

http://download2us.softpedia.com/dl/51076d5a4926e839a1b1acbd6f799763/55ccbef2/200082429/games/.../CT4_DEMO_setup_EFG.exe

http://download.fileplanet.com/ftp1/.../CT4_DEMO_setup_EFG.exe

Scan alarmfuercobraelf.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.