» dofusinstaller.exe
Overview
Analysis
File Details
Downloads (12)

dofusinstaller.exe

$(^Name)

Ankama Games

The program is a setup application that uses the Nullsoft Install System installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

dofusinstaller.exe

Publisher:

Ankama Games (signed and verified)

Product:

$(^Name)

Version:

1.0.0

MD5:

0389b781cb7d9b3e4cd68f0d423ed56f

SHA-1:

c6234a2fd75f7342864d54beb7aa74002d3c050d

SHA-256:

ab5bc38e3af840efbe7b7e9524c3edfdda61c81ec17a0a80927c0518903fac6c

Scanner detections:

2 / 68

Status:

Inconclusive (probably just false positive detections)

Analysis date:

4/23/2024 5:24:06 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation.IMP

16.12.1.2

Trend Micro

PAK_Generic.005

10.465.02

File size:

6.4 MB (6,675,216 bytes)

Product version:

1.0.0

File type:

Executable application (Win32 EXE)

Installer:

Nullsoft Install System

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\dofusinstaller.exe

Digital Signature

Signed by:

Ankama Games

Authority:

Thawte, Inc.

Valid from:

8/5/2013 2:00:00 AM

Valid to:

8/6/2015 1:59:59 AM

Subject:

CN=Ankama Games, OU=Editeur, O=Ankama Games, L=Roubaix, S=Nord, C=FR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

1DAF2407E53BA7C004C253209A2EB841

File PE Metadata

Compilation timestamp:

1/5/2012 7:21:36 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

196608:WC7LUHf/wCWfZQRrSANBlaN0CaCmq+zAtzIss7PAb0Rq:XUHXw9/4lKgxqNIsGzq

Entry address:

0x4131

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 43, 43, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 44, 43, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 44, 43, 00, 56, A3, F4, 27, 43, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8B, 3B, 00, 00, A3, 50, 28, 43, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A9, B2, 40, 00, FF, 15, AC, 44, 43, 00, 83, EC, 14, C7, 44, 24, 04, AA, B2, 40, 00, C7... 
[+]

Code size:

33.5 KB (34,304 bytes)

The file dofusinstaller.exe has been seen being distributed by the following 12 URLs.

https://dw.uptodown.com/dwn/KbYZWvN56cuiRwhaUqBF-6b9NKVte6wr5x8pQqvUOqUk4WHQno7zICRpOsgBECWaq3zMzVg4vMzeGpJSNrdLt9ItGLgfC5Wj6CNtcipbmBSAUY1DcEWG3psLd3ehoFFI/zfSiT-t11t6P2xGYD_vXglDwkPvl7nEg-DuEWtxVGK87Him5tHfY5Sk6p3EH1_xbQfdtOOw-QYhA6yibo0s1jYD4TPCE89rB-CSMpoziXegc4HqckhDG52iIoxzSxHgU/pYjpZ2T-Q2UzNK28U-4nq2x0IA5ncRESrODtjmVOz3bQ6ec39gk3rXkFljiiw4LS6t-fSfW5axyfIBPWysfeLt4I6AnyEGiLuDY6Sp1lfcv8JyB7Oe1UBDPkxpg3iSaY/.../

http://dw.uptodown.com/dwn/Q4ku_srGAeDqmIeyfUxGqtZE_sQssHO9yvxZNJ8Hx6i9y9HXL61oVIL6g7SGedD_SpPmAp0w6O3-BX8IroT8gx9Kwujz8bIT2sN_19iC7YptU3HeNaiv5HPlGHg13f4h/nzqsG1lGYGj_MOptguX76lJgiZXlmZva2r0x8_o-tO05YNBBxnNvSpAn_ajw-cvBcXX08PaUGb3Y0QPNlWJo4i3woTDpU2oqZTHP9QIy_Dv6k06JA8eDmRh00t6mQE0j/6m_RsSRXcrAkUTdjygJb9zoxWvEO1Xb3eVH8LRcjleH-dlnk1uNRvUZVtZG0Rvy07eru_x9gl5mcXzVYwfXcwavJMQQn3WWMgVKu59XZRuGPon-62if85T-_FCyBorX-/.../

https://dw.uptodown.com/dwn/PkiUI6GArXNZIkLS2-EC1VdC7TkeAD4iBu3-0W5SSz3a3gC525ll0TPF5NBKoLj4rv4Dv63K2bVElgvEtIAUsPQNHAj5Y1k1nhIDB-wlOZIh80zI_C4Qn1DSnMcn2KyL/HO0DBSfsr1jLIt2HgR8LlNwUOVkoRdv9xBc27vfULIjrMhPNkDNFYf1wlT9cNxiBVf5_tzkusmd1Mn5A-DsBjK3TbWybJp2Da6G0CKOawybw8Spn6VPWnU8g8ziE-NaZ/.../

http://dw.uptodown.com/dwn/o9Ik67j17gt3_b0J6T1AJk0RDbp2IKtxX3K3iC7nrzQPs2OFr7VB6oYutXiQwk-wSIDB-ybBb8yNYGDOIbm9PpoMXBGulropGBSP7ZSHcvznphZGyJJpE2wgrZyIybR9/.../

http://dw.uptodown.com/dwn/lrxN_2DSaTL-PZODzs29HChS0hewQk9owqEI0bK5IeZgMJRtCgQhBvQ3E9w1Y0tkFikVVngMzOqcSlZ04zX0GRKJM0O2Fpxfpgj8MpkrWMyWbiQYC_rmZJ4o73NOuVcE/.../

http://dw.uptodown.com/dwn/JcWCc71cMDnbtVUNF4ccn57ZWHaCkG1nGqhNITsZ_zfxjQhLhVAHn1QKZ2m5IVMNDtOEXIOddIN8oZRAFAaJ6edXK5YxXh3UAaaVRhWkU6xddxbMNIgz71i6EBrVyca-/bJSkolCowSD29FVVgPDxXkoCjIcBiTzW50d5XlD3C1QHTn7S9RT-H9x63TxLAkLVyHFgbLBM-M5NVrbybegl62Qyss9KANd0UPOO3SZ1FN6uKUA7uswnKK3lhndY50SU/.../

http://dw.uptodown.com/dl/1433880325/.../dofus-2-22-multi-win.exe

http://dw.uptodown.com/dwn/WWJf0oNaSWEaaqGfyLHaw3H-jgvwTA9y3Ep_4FYYa8WvGZKf5v1U2to19mw55tYUi7Z0-38oOfdXZ7zUSQtwwAwz1LKGI9JyMZiNmGqVOnaYssfeWsK_tarphi5zS8se/y6QNs9c2vqRUZ4XfurZlwfFMr5-2HjAuWvezXHXhCKRx3WfSZGUJJ6x-F0rFhjy8F21i_jUAyRhvMn3rKRHvRkjlrurCqw6ABOXylhJp4Up0eMQrShlmtX85SFbkBRK9/.../

http://dw.uptodown.com/dwn/QQobvnsQh2ZXakkcn9bYW4Q6JMgPXKfCZsPvkAsjrPva5cDZExlHdk8iHDQBV4G11EYkQLx2-OGmhWNDzKKSwyOSwAhd8UF863YIHzCIXUaL_6UoEVWIARAsORTlaXl7/.../

http://dw.fr.uptodown.com/dl/1438073942/.../dofus-2-22-multi-win.exe

http://dl.ak.ankama.com/games/dofus2/.../DofusInstaller.exe

http://download.dofus.com/full/.../

Scan dofusinstaller.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.