home

dem2.exe

Disney Interactive Studios

Publisher:
Disney Interactive Studios  (signed and verified)

MD5:
4835a047924d9530f0c27487836d6f70

SHA-1:
cbbfd7b2737461b4f3f43888d9d645be4cb86f2e

SHA-256:
1d1edd7372771c748e4e205195cce3cf9ac11e3413e79273d96a01bf0ca5645c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 10:42:24 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.151125

File size:
18.9 MB (19,781,952 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\disney interactive studios\disney epic mickey 2\dem2.exe

Digital Signature
Signed by:
Disney Interactive Studios

Authority:
VeriSign, Inc.

Valid from:
9/10/2012 2:00:00 AM

Valid to:
9/6/2013 1:59:59 AM

Subject:
CN=Disney Interactive Studios, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Disney Interactive Studios, L=Glendale, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
23D96A2EEBE7C56883A8BE23BB393852

File PE Metadata
OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:4i0qMpJJaCgP8DSaRX9k7U+YWBVFNnfiEL+:xULfgP8DSaPk7U+7/fiG+

Entry address:
0x3900

Entry point:
83, EC, 20, C7, 44, 24, 1C, 36, 47, 08, 02, C7, 44, 24, 18, 67, 00, 01, 00, 89, 7C, 24, 14, BF, D0, 38, 40, 00, C1, 4C, 24, 1C, 08, 55, 5D, 89, 54, 24, 10, 55, 5D, 8B, 17, 01, 54, 24, 1C, 90, 83, C7, 04, 66, FF, 4C, 24, 18, 75, ED, 90, 80, 64, 24, 1C, FE, 81, 6C, 24, 1C, 06, 01, 00, 00, 50, 16, 17, 9C, 8B, 04, 24, F6, C4, 01, 74, 05, B9, BE, 07, 00, 00, 90, 33, C0, 74, 02, 0F, A5, 87, C9, 9D, C1, E5, 00, 58, 90, 76, 02, C9, C3, 8B, 7C, 24, 14, 90, 8B, 54, 24, 10, 90, 83, C4, 20, B8, F7, FE, FF, FF, 8B, 84...
 
[+]

Entropy:
7.8172  (probably packed)

Code size:
26.9 MB (28,217,344 bytes)

Scan dem2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.