home

bowlingevolution-1.06.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from ec.ccm2.net.
MD5:
178abc8d539c5a6a9f6f861166d15d5c

SHA-1:
ac410940125b9741cb982ec88ba4aa204e389acb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:40:31 PM UTC  (today)

File size:
9.2 MB (9,618,217 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\administrateur\mes documents\downloads\bowlingevolution-1.06.exe

File PE Metadata
Compilation timestamp:
2/21/2009 8:46:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:kWP9ify7WLTpjm67SpsU5tbnNIkq4ATkqmeKeFZG0ZH:kWPsa2j3IZx84Az+WgyH

Entry address:
0x323C

Entry point:
60, 52, 83, E3, 00, 53, FF, 15, B8, 70, 40, 00, 59, 2B, DB, 53, FF, 15, EC, 70, 40, 00, 50, 68, 45, 1E, 46, 00, E8, E7, 07, 00, 00, 5B, 59, E8, 05, 00, 00, 00, 86, 27, CB, 5E, 0D, 03, D8, 0F, BE, F4, F6, C6, B3, 69, D5, 81, 40, 03, BA, 0F, BE, EA, 68, F7, A2, 26, 00, 6A, 30, BE, 00, 00, 00, 00, 56, FF, 15, 0C, 71, 40, 00, 59, 5A, 81, C0, 4D, C6, 23, 00, 0F, BA, FB, 21, 84, D5, 89, EE, 0F, C0, E7, 33, F6, 56, FF, 15, EC, 70, 40, 00, 81, F0, 49, 03, 00, 00, 8B, D9, 41, 47, EB, 01, 83, 59, 81, FD, 47, 88, 3D...
 
[+]

Entropy:
7.9997  (probably packed)

Code size:
23 KB (23,552 bytes)

The file bowlingevolution-1.06.exe has been seen being distributed by the following URL.

http://ec.ccm2.net/www.commentcamarche.net/download/.../BowlingEvolution-1.06.exe

Scan bowlingevolution-1.06.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.