» bankshotbilliardsdeluxe.exe
Overview
Analysis
File Details
Programs (1)

bankshotbilliardsdeluxe.exe

PIXELSTORM ENTERTAINMENT STUDIOS INC.

File name:

Publisher:

PIXELSTORM ENTERTAINMENT STUDIOS INC. (signed and verified)

MD5:

87ea74137e57e78cb5fbf1b062bff7a4

SHA-1:

9e5c81219c0d6bfa09c5ffdbc95f2965cf22d1e4

SHA-256:

fc3adb5d79d9626b12fa0785714d8082298f4bce2b8ece5ba889d8cd99128e1f

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

5/7/2024 8:17:37 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win-Trojan/Xema.variant

2014.06.25

nProtect

Trojan/W32.Agent.768616

14.06.24.01

File size:

750.6 KB (768,616 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\zone.com deluxe games\bankshot billiards deluxe\bankshotbilliardsdeluxe.exe

Digital Signature

Signed by:

PIXELSTORM ENTERTAINMENT STUDIOS INC.

Authority:

VeriSign, Inc.

Valid from:

12/12/2003 8:00:00 AM

Valid to:

12/12/2004 7:59:59 AM

Subject:

CN=PIXELSTORM ENTERTAINMENT STUDIOS INC., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=PIXELSTORM ENTERTAINMENT STUDIOS INC., L=Edmonton, S=Alberta, C=CA

Issuer:

CN=VeriSign Class 3 Code Signing 2001 CA, OU=Terms of use at https://www.verisign.com/rpa (c)01, OU=VeriSign Trust Network, O="VeriSign, Inc."

Serial number:

21AAFC7D28A1510315ECA9C2AB8AC37D

File PE Metadata

Compilation timestamp:

7/27/2004 6:32:50 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

83.82

CTPH (ssdeep):

12288:WXxBjoECNe/KqfHSA/fiOCIwW8X+0mhVOerbHqK57Q+l7vGC4ivj1eNxy40vYnD:0dCNQfyA/qOGW8X+04rbKwTH43HD

Entry address:

0x4FA000

Entry point:

60, E8, 00, 00, 00, 00, 5D, 50, 51, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 59, 58, 50, 51, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 59, 58, 50, 51, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 59, 58, 60, 33, C9, 75, 02, EB, 15, EB, 33, C9... 
[+]

Entropy:

7.6961

Packer / compiler:

Armadillo 3.00a

Code size:

140 KB (143,360 bytes)

The file bankshotbilliardsdeluxe.exe has been discovered within the following program.

Bankshot Billiards Deluxe by Zone.com

Publisher's description - “8-Ball is the pool game everyone knows and loves. Players try to sink all the balls in their group (either stripes or solids) and then try to sink the 8-ball to win. Don't sink the 8-ball before you've sunk everything in your group, or you'll hand the victory to your opponent!”

www.zone.com

About 5% of users remove it

Scan bankshotbilliardsdeluxe.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.