gameconsole.exe

Search.us.com

This is a component of the Tightrope WebInstall, a setup program that bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application gameconsole.exe by Search.us.com has been detected as adware by 4 anti-malware scanners.
Publisher:
Search.us.com  (signed and verified)

MD5:
0f74a143ba7dfc5b75eff6f4123090c6

SHA-1:
98e9aa9e0f95aa584f2e9dd2d54fb64abaf873c1

SHA-256:
4f43d8673a55f78f87cde61fc1baa9fb1ac6dae867d39f987d0d3e2062f1c14f

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
4/25/2024 1:49:25 PM UTC

Scan engine        Detection                                               Engine version
Dr.Web             Adware.Toolbar.622                                      9.0.1.05190
ESET NOD32         Win32/Toolbar.TNT2.D potentially unwanted application   8.0.319.0
Reason Heuristics  PUP.Tightrope.Searchus (M)                              16.7.6.6

File size:
1.2 MB (1,228,800 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\tnt2\2.0.0.1599\gameconsole.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/20/2013 12:00:00 AM

Valid to:
3/19/2016 11:59:59 PM

Subject:
CN=Search.us.com, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Search.us.com, L=SAN FRANCISCO, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
53391509B5D4A87249DD2CCE767F64A2

File PE Metadata
Compilation timestamp:
6/24/2013 3:01:12 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:AiHByMsThD6sYyErqhajB/cFTb+U8HyosW4dwzcoEta0:fHByMsTJ6sYyErqhuib+QwwoEt

Entry address:
0x2BFC

Entry point:
48, 83, EC, 28, E8, 5B, 2A, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 48, F7, D9, 48, A9, 07, 00, 00, 00, 74, 0F, 66, 90, 8A, 10, 48, FF, C0, 84, D2, 74, 5F, A8, 07, 75, F3, 49, B8, FF, FE, FE, FE, FE, FE, FE, 7E, 49, BB, 00, 01, 01, 01, 01, 01, 01, 81, 48, 8B, 10, 4D, 8B, C8, 48, 83, C0, 08, 4C, 03, CA, 48, F7, D2, 49, 33, D1, 49, 23, D3, 74, E8, 48, 8B, 50, F8, 84, D2, 74, 51, 84, F6, 74, 47, 48, C1, EA, 10, 84, D2, 74...

Entropy:
0.7150

Code size:
41.5 KB (42,496 bytes)
