» enchantedcavern2pt_21222.exe
Overview
Analysis
File Details
Downloads (5)

enchantedcavern2pt_21222.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from cloud.bluestacks.com and multiple other hosts.

File name:

MD5:

92fae1a3984b2b18a6f5662e665314b6

SHA-1:

e492dbcd5c7ae78178107765b73ee4fb61e117a1

SHA-256:

7c64753c428093354a1abbb31cfa68d46e616eface26a52d163da9e50c482935

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/17/2024 4:54:07 AM UTC (today)

File size:

283 Bytes

File type:

Executable application (Win64 EXE)

Common path:

C:\Program Files\positivo games\content\temp\download\enchantedcavern2pt_21222.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

6:qFzLvHqV3Kik6QcjWR0NNEXW0YSA2q8UkwnfA+BTBY4NhdxwI78Bq4Qb:mHqjk6QclfyArznfACO4NbxwXQb

Entry point:

3C, 68, 74, 6D, 6C, 3E, 0A, 3C, 68, 65, 61, 64, 3E, 0A, 3C, 6D, 65, 74, 61, 20, 48, 54, 54, 50, 2D, 45, 51, 55, 49, 56, 3D, 22, 50, 72, 61, 67, 6D, 61, 22, 20, 43, 4F, 4E, 54, 45, 4E, 54, 3D, 22, 6E, 6F, 2D, 63, 61, 63, 68, 65, 22, 3E, 0A, 3C, 6D, 65, 74, 61, 20, 68, 74, 74, 70, 2D, 65, 71, 75, 69, 76, 3D, 22, 43, 6F, 6E, 74, 65, 6E, 74, 2D, 54, 79, 70, 65, 22, 20, 63, 6F, 6E, 74, 65, 6E, 74, 3D, 22, 74, 65, 78, 74, 2F, 68, 74, 6D, 6C, 3B, 20, 63, 68, 61, 72, 73, 65, 74, 3D, 55, 54, 46, 2D, 38, 22, 3E, 0A... 
[+]

The file enchantedcavern2pt_21222.exe has been seen being distributed by the following 5 URLs.

http://cloud.bluestacks.com/api/getdownload?platform=win&win_version=7&utm_source=&utm_medium=&utm_campaign=homepage-dl-button-pt-br&referrer=https://www.google.com.br/&first_landing_page=http://www.bluestacks.com/pt-br/index.html?__dlrd=1&download_page_referrer=http://www.bluestacks.com/pt-br/index.html?__dlrd=1&gaCookie=GA1.2.1349265137.1477238261&affiliateId=&offerId=&transaction_id=&aff_sub=&platform_cloud={"description":"Chrome 54.0.2840.71 on Windows Server 2008 R2 / 7 64-bit","layout":"Blink","manufacturer":null,"name":"Chrome","prerelease":null,"product":null,"ua":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/.../ 7","version":"7"}}

http://www.downloadonic.com/FreeWiFiHotspot.exe

http://skygetfile.co/.../280815_cr.exe

http://webgameplayer.tibaco.net/.../webgameplayer.exe

http://cdnrep.reimage.com/.../ReimageExpressPackage1034a.exe

Scan enchantedcavern2pt_21222.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.