cheatengine63.exe

Cheat Engine 6.3

Cheat Engine

The application cheatengine63.exe, “Cheat Engine 6.3 Setup ” by Cheat Engine has been detected as a potentially unwanted program by 3 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. This file is typically installed with the program Cheat Engine 6.3 by Dark Byte. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.
Publisher:
Cheat Engine   (signed by Cheat Engine)

Product:
Cheat Engine 6.3

Description:
Cheat Engine 6.3 Setup

Version:
6.3.0.0

MD5:
a80dc3d17c3c4b05ae9c2074b5dec4ad

SHA-1:
23322b394b8112fc8e26f9d00becfd84ad01a90b

SHA-256:
888d6baea57d833b4bc506e571046ee8bae7f0f1d7604188b057748099eec175

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/11/2018 5:36:12 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
7.9310

Reason Heuristics
PUP.CheatEngine.Bundler.Installer.Meta (L)
16.5.22.15

Trend Micro House Call
TROJ_GEN.F47V0623
7.2.360

File size:
7.7 MB (8,071,400 bytes)

Product version:
6.3.0.0

Copyright:
Cheat Engine

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\cheatengine63.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
3/25/2013 2:26:07 AM

Valid to:
7/22/2014 12:08:43 PM

Subject:
E=dark_byte@hotmail.com, CN=Cheat Engine, O=Cheat Engine, L=Eindhoven, S=Noord Brabant, C=NL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121ECFEBA3F53102B741B7E1AEDB2501C7C

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:5SUUbAr3ZxFM1QNG8oPvmMvKGZAZi9V7FSEF+O+OnDutNfkrZZR:qaZxFNGvPtCGWZingUnDutNcvR

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file cheatengine63.exe has been discovered within the following program.

Cheat Engine 6.3  by Dark Byte
Publisher's description - “Cheat Engine is an open source tool designed to help you with modifying single player games running under window so you can make them harder or easier depending on your preference(e.”
www.cheatengine.org
About 1% of users remove it
 
Powered by Should I Remove It?

The file cheatengine63.exe has been seen being distributed by the following 45 URLs.

http://download751.mediafire.com/337q3w3qi8hg/.../CheatEngine63.exe

http://cheatengine.persiangig.com/.5MHleaOD5F/.../CheatEngine63.exe

http://dc684.4shared.com/download/.../CheatEngine63.exe

http://cheatengine.persiangig.com/.3byvOLFAzO/.../CheatEngine63.exe

http://cheatengine.persiangig.com/.ZaJ0eBL3Ci/.../CheatEngine63.exe

http://cheatengine.persiangig.com/.zLLu0Gc5dL/.../CheatEngine63.exe

http://download751.mediafire.com/z8y9zvx4fllg/.../CheatEngine63.exe

http://cheatengine.persiangig.com/.pUdqVxQH0r/.../CheatEngine63.exe

http://dc500.4shared.com/download/.../CheatEngine63.exe

http://cheatengine.persiangig.com/.l9HiCkP4Rd/.../CheatEngine63.exe

http://down01.waxoo.com/6a476b57cd10e502cfbfeeae035ad3e1.exe/cheat-engine?id_file=248&expire=1403315896/581/.../exe

https://mega.nz/persistent/.../hE8DVbiR

http://download.uphaha.com/.../downloadFile.aspx?pku=310C15E96CE5SQ1679J9NZBYUXA3QZ

https://mega.nz/persistent/.../aEoUCShI

http://download1394.mediafire.com/yi6fjrvoi5mg/.../CheatEngine6.3.exe

http://download2117.mediafire.com/9eno7o3an9pg/.../CheatEngine63.exe

Latest 30 of 45 download URLs

Remove cheatengine63.exe - Powered by Reason Core Security