home

{blocked}.exe

InstallShield

This is a self-extracting archive and installer. The file has been seen being downloaded from 46.105.39.38 and multiple other hosts.
Product:
InstallShield

Version:
1.0.0.0

MD5:
2b96ba7fae9fc07d675e7877e2b5a47f

SHA-1:
cd8d7a30f5878abc8cd581f8be01a3a1fbee6069

SHA-256:
5dc45f54affbf03d21a8916e4a93ad437ebd94b048059d12d4018994010f12a0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
8/3/2025 9:23:44 AM UTC  (today)

File size:
10.5 MB (11,020,800 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
SUPERHOT - InstallShield Wizard.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\superhot - installshield wizard.exe

File PE Metadata
Compilation timestamp:
3/26/2016 2:22:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
196608:3EAPle9sM3l0v1AuaFSD3mS80qwCtYh5wZjzEl4Ws8/XMedkZ:3NPgiMNfFSD2OvCtYh58Kc

Entry address:
0xA780DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9739

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
10.5 MB (10,969,600 bytes)

The file {blocked}.exe has been seen being distributed by the following 3 URLs.

http://46.105.39.38/.../SUPERHOT - InstallShield Wizard.exe

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

http://install-game.com/SUPERHOT_PC_GAME

Scan {blocked}.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.