engine.exe

Behaviour Game Engine

Behaviour Interactive

The executable engine.exe has been detected as malware by 10 anti-virus scanners. The file has been seen being downloaded from download1616.mediafire.com.
Publisher:
Behaviour Interactive

Product:
Behaviour Game Engine

Version:
3.5.000Jenkins

MD5:
655f22b520e3d495c1f75f790f5eea4a

SHA-1:
afac54ae09fbdb5889d40d7fa89cbbf562093885

SHA-256:
ea55c5b59d0e84917c71a91e648e7b07866febc04fc508eedcfd5017b363e302

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/26/2024 9:35:02 AM UTC

Scan engine               Detection               Engine version
Bkav FE                   W32.HfsAutoB            1.3.0.4959
Comodo Security           UnclassifiedMalware     17960
Fortinet FortiGate        Malware_fam.NB          3/27/2014
McAfee                    Artemis!655F22B520E3    5600.7178
Norman                    Troj_Generic.EFZET      11.20140327
Panda Antivirus           Generic Trojan          14.03.27.03
Sophos                    Mal/Generic-S           4.98
Trend Micro House Call    TROJ_SPNR.0BDK13        7.2.86
Trend Micro               TROJ_SPNR.0BDK13        10.465.27
VIPRE Antivirus           Trojan.Packed.NsAnti    27562

File size:
3 MB (3,192,832 bytes)

Product version:
3.5.000Jenkins

Copyright:
Copyright (C) 2012

Original file name:
EngineImplementation.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\disney interactive studios\disney-pixar merida legende der highlands\engine.exe

File PE Metadata
OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:ANBlPDbHtjrVGfnaGk6D8e6FBHZFwqcITPW/ElJUrElJU6Uj8D9LY:KlLbHyfdksOFBHVUoD

Entry address:
0x20332C70

Entry point:
E8, AC, 00, 00, 00, 18, 70, 56, 00, 14, 70, 56, 00, 52, 4C, 44, 21, 7D, 95, 55, A6, E9, 97, D9, 48, 80, E8, 27, 3A, 76, 5F, E8, 20, 09, E7, 9D, E9, B9, 1E, C6, 63, E9, D3, CF, F7, 9C, E8, 88, DF, E3, AB, E8, 6B, 99, A1, 49, E9, 56, 54, 16, D8, E9, 26, F9, 19, 79, E8, 68, C5, 9B, AD, E8, 83, B9, 3D, D6, E9, 24, E9, A3, 84, E8, BD, F7, 5C, 06, E9, EB, 9C, 05, 8D, E9, 24, 1B, F6, 25, E9, BF, B3, 4C, 2E, E9, 36, 1D, AD, 79, E8, 93, A7, 8D, 3C, E8, CD, 14, 02, AE, E9, DD, A1, 06, 6F, E9, EC, AE, BD, EC, E8, E8...
 

Entropy:
7.4194

Code size:
1.7 MB (1,757,696 bytes)

The file engine.exe has been seen being distributed by the following URL.

http://download1616.mediafire.com/jzc2op4fpbjg/.../Engine.exe
