home

ek015.exe

n/a

This is a setup program which is used to install the application. The file has been seen being downloaded from www.moddb.com and multiple other hosts.
Publisher:
n/a

Product:
n/a

Version:
1,0,0,0

MD5:
7db5ecb77525a2a369da7d23b3ead108

SHA-1:
121b09ba711768975f7ecf7b14afbbbe1f812d10

SHA-256:
b8b7022343678887c354e3b46397a99acae1329ad5be157e151e88bfbecdaea1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 8:31:51 AM UTC  (today)

File size:
128.6 MB (134,829,015 bytes)

Product version:
n/a

Copyright:
n/a

Original file name:
n/a

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ek015.exe

File PE Metadata
Compilation timestamp:
1/10/2013 12:50:21 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
3145728:fyJYX3wKzQkUu5OJltkpSQ5DD2SdT9uW2Vb3baTrOFXEX/usIU8:fkwXzzGtkgQkSdT9uW2VWTqFy/EX

Entry address:
0x1000

Entry point:
48, 83, EC, 28, 49, C7, C0, 98, 07, 00, 00, 48, 31, D2, 48, B9, D0, 87, 0A, 40, 01, 00, 00, 00, E8, 94, B1, 06, 00, 48, 31, C9, E8, 92, B1, 06, 00, 48, 89, 05, AC, 77, 0A, 00, 4D, 31, C0, 48, C7, C2, 00, 10, 00, 00, 48, 31, C9, E8, 7F, B1, 06, 00, 48, 89, 05, 8B, 77, 0A, 00, 48, B8, F0, D3, 09, 40, 01, 00, 00, 00, 48, 89, 05, 92, 77, 0A, 00, E8, 85, 42, 08, 00, E8, 38, 33, 08, 00, E8, 1B, 1D, 08, 00, E8, CE, 0A, 08, 00, E8, 5D, 07, 08, 00, E8, 88, 04, 08, 00, E8, F7, E3, 07, 00, E8, 02, D6, 07, 00, E8, 25...
 
[+]

Entropy:
7.9990  (probably packed)

Code size:
574.5 KB (588,288 bytes)

The file ek015.exe has been seen being distributed by the following 25 URLs.

http://www.moddb.com/downloads/mirror/69563/110/1a9a40644e078a8b7546c5fe10e8da5d/?referer=http://www.moddb.com/mods/elder-kings/.../elder-kings-015-released

http://www.moddb.com/downloads/mirror/69563/.../6f3b4aded65cd97cc24ebec85c423dc8

http://www.moddb.com/downloads/mirror/69563/102/e43ced66d9dea9196c1b7ebbb29d1135/?referer=http://www.moddb.com/mods/elder-kings/.../elder-kings-015-released

http://www.moddb.com/downloads/mirror/69563/.../e37099805435146e978afffd1e0b8753

http://www.moddb.com/downloads/mirror/69563/.../8cee67380bb111d26b4fa89d63b7290b

http://www.moddb.com/downloads/mirror/69563/.../e481dabeb33b687a0dd6f25ba8b2375c

http://www.moddb.com/downloads/mirror/69563/.../74f650b5e3ccf7f620fa1f4260611480

http://www.moddb.com/downloads/mirror/69563/.../1a9a40644e078a8b7546c5fe10e8da5d

http://www.moddb.com/downloads/mirror/69563/.../88371a1ee9757977e1be65650d3505ec

http://www.moddb.com/downloads/mirror/69563/.../8cee67380bb111d26b4fa89d63b7290b

http://www.moddb.com/downloads/mirror/69563/.../6a9d742415a2799af4a72d4a748ca0cf

http://s7691.chomikuj.pl/File.aspx?e=XmkyY0Uzdsdu83vc6n1VZ_v1hY3CM9PP4G_HVQJy3CtyDBCrxI9IVEFm9c8EIJq8SrOfcGvpZkQ6aG5bmfesLuZelbXlMbRNo4zXL6VJRxBy_OfdCGPgzUWDoAevYlhNvJPz6bzXq03tDx_kbFRJ0Q&pv=2

http://www.moddb.com/downloads/mirror/69563/.../1a9a40644e078a8b7546c5fe10e8da5d

http://www.moddb.com/downloads/mirror/69563/.../98826e5ca14e24d530599b95027ad575

http://www.moddb.com/downloads/mirror/69563/.../44d35b8770bc27ef5aa3de7d058b119d

http://www.moddb.com/downloads/mirror/69563/.../e28ad02431f7d3cd50c07cd0fc3ccb40

http://media1.gamefront.com/moddb/2014/05/.../EK015.exe

http://sjc1.dl.dbolical.com/2014/05/.../EK015.exe

http://www.moddb.com/downloads/mirror/69563/.../45020d2d676ec036175bd9fba3e1f97b

http://sjc2.dl.dbolical.com/2014/05/.../EK015.exe

http://www.moddb.com/downloads/mirror/69563/.../88371a1ee9757977e1be65650d3505ec

http://sjc4.dl.dbolical.com/2014/05/.../EK015.exe

http://www.moddb.com/downloads/mirror/69563/.../de2659342faa806828d9ed79a15b80ed

http://ams4.dl.dbolical.com/2014/05/.../EK015.exe

http://www.moddb.com/downloads/mirror/69563/.../1a9a40644e078a8b7546c5fe10e8da5d

Scan ek015.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.