» dungeon_rider.exe
Overview
Analysis
File Details
Programs (1)
Downloads (3)

dungeon_rider.exe

Media Contact LLC

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from z.gametop.com and multiple other hosts.

File name:

dungeon_rider.exe

Publisher:

Media Contact LLC

Description:

Dungeon Rider Setup

MD5:

67b3de231b25c7270740ffd87fcf3336

SHA-1:

a8b635fb21093d34d8e1e2512d4fb0982081f7d1

SHA-256:

eba2041922a238993db845322d9713eb4fc59c48662fd759cc096286de540758

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 4:35:26 PM UTC (today)

File size:

16.7 MB (17,461,865 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

English (United States)

File PE Metadata

Compilation timestamp:

6/20/1992 2:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

393216:ZLBztZBMPwBeez6U34EBuvBAv1XPhbS/TjT/X8vyWa16PB/llPDZId/cVj:ZprJjz6FAd/hbCXT/svfpp9dZI1cx

Entry address:

0x98BC

Entry point:

55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 0A, 98, FF, FF, E8, 11, AA, FF, FF, E8, 3C, CC, FF, FF, E8, 83, CC, FF, FF, E8, 0A, F3, FF, FF, E8, 71, F4, FF, FF, 33, C0, 55, 68, 66, 9F, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 1C, 9F, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 26, FA, FF, FF, 8D, 55, F0, 33, C0, E8, FC, D0, FF, FF, 8B, 55, F0, B8, D4, BD, 40, 00, E8, BB, 98, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D4, BD, 40, 00, B2, 01, B8... 
[+]

Entropy:

7.9999

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

36 KB (36,864 bytes)

The file dungeon_rider.exe has been discovered within the following program.

COWON Media Center - jetAudio Plus VX by COWON

Some versions of COWON Media Center bundles a branded version of the Conduit Toolbar, which delivers search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar.

www.cowonamerica.com

30% remove it

The file dungeon_rider.exe has been seen being distributed by the following 3 URLs.

http://z.gametop.com/.../Dungeon_Rider.exe

http://www.portal24h.pl/pobierz/func-download/1246/chk-68b66aa69773eb2d1bcc055b387c890a/.../

http://e.gametop.com/.../Dungeon_Rider.exe

Scan dungeon_rider.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.