home

farmingsimulator_15268685_270.exe

Monkeke Inc.

The application farmingsimulator_15268685_270.exe by Monkeke has been detected as a potentially unwanted program by 5 anti-malware scanners.
Publisher:
Monkeke Inc.  (signed and verified)

MD5:
d9c6ca2866896a106fd22424195b67d7

SHA-1:
7d6229f68f5ddf961791e498bc7e08b26619d0d9

SHA-256:
da92c4791eba2a8a54e2dbffa1f0ea3bcd66f49760456395ede073f444cc6576

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 4:17:56 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:PUP-gen [PUP]
2014.9-160915

Comodo Security
UnclassifiedMalware
15072

ESET NOD32
Win32/Adware.Toolbar.Webalta.BR
10.7938

Kaspersky
not-a-virus:HEUR:Downloader.Win32.Walta
14.0.0.-407

Trend Micro House Call
TROJ_GEN.F47V0125
7.2.259

File size:
1.6 MB (1,630,000 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Monkeke Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
2/1/2012 7:51:32 PM

Valid to:
2/1/2013 7:51:32 PM

Subject:
CN=Monkeke Inc., O=Monkeke Inc., L=Flemington, S=MO, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
0453F0B8F59ABD

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:9VIBa/wQY9nDDGjyXNuzwG2uGohe7PDCr6YN4lEkkhZcNL0m3rTFN23VIp:/lwp9DCizH0nAUZcNLn3NNIKp

Entry address:
0xA8018

Entry point:
55, 8B, EC, 83, C4, F0, B8, 40, 7D, 4A, 00, E8, EC, E9, F5, FF, A1, 90, AE, 4A, 00, 8B, 00, E8, F0, 44, FB, FF, 8B, 0D, FC, AF, 4A, 00, A1, 90, AE, 4A, 00, 8B, 00, 8B, 15, 38, 25, 47, 00, E8, F0, 44, FB, FF, 8B, 0D, 3C, B0, 4A, 00, A1, 90, AE, 4A, 00, 8B, 00, 8B, 15, 0C, 23, 47, 00, E8, D8, 44, FB, FF, 8B, 0D, 2C, AE, 4A, 00, A1, 90, AE, 4A, 00, 8B, 00, 8B, 15, 5C, 7B, 4A, 00, E8, C0, 44, FB, FF, A1, 90, AE, 4A, 00, 8B, 00, E8, 34, 45, FB, FF, E8, 23, C3, F5, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
668.5 KB (684,544 bytes)

Remove farmingsimulator_15268685_270.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.