gameconsole.exe

Search.us.com

This file is a component of the Tightrope WebInstall, a setup program that bundles applications with offers for additional third-party software, mostly unwanted adware, and that may be installed with minimal consent. The application gameconsole.exe by Search.us.com has been detected as adware by 2 anti-malware scanners.
Publisher:
Search.us.com  (signed and verified)

MD5:
f53d4c0b9dccc135537535a04e9eebe1

SHA-1:
b1d221d09abd889c05a598a16dfe423370e985dc

SHA-256:
f9b6d0e7cd439676e36e39e52c8943daacdb124292515ef5f1fdcc212021a455

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
4/26/2024 9:39:14 AM UTC

Scan engine | Detection | Engine version
Bkav FE | W64.HfsAdware | 1.3.0.6379
Reason Heuristics | Threat.Tightrope.Searchus | 15.5.5.23

File size:
105.8 KB (108,304 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\tnt2\2.0.0.1958\gameconsole.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/19/2013 7:00:00 PM

Valid to:
3/19/2016 6:59:59 PM

Subject:
CN=Search.us.com, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Search.us.com, L=SAN FRANCISCO, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
53391509B5D4A87249DD2CCE767F64A2

File PE Metadata
Compilation timestamp:
3/19/2015 12:02:21 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:EaHhKEkTpD9IYiErqhajBUstNb+68vyosW4dwCGEkta5t:rHhKEkTx9IYiErqhZIb+uwdEkt

Entry address:
0x2BFC

Entry point:
48, 83, EC, 28, E8, 5B, 2A, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 48, F7, D9, 48, A9, 07, 00, 00, 00, 74, 0F, 66, 90, 8A, 10, 48, FF, C0, 84, D2, 74, 5F, A8, 07, 75, F3, 49, B8, FF, FE, FE, FE, FE, FE, FE, 7E, 49, BB, 00, 01, 01, 01, 01, 01, 01, 81, 48, 8B, 10, 4D, 8B, C8, 48, 83, C0, 08, 4C, 03, CA, 48, F7, D2, 49, 33, D1, 49, 23, D3, 74, E8, 48, 8B, 50, F8, 84, D2, 74, 51, 84, F6, 74, 47, 48, C1, EA, 10, 84, D2, 74...
 

Entropy:
5.4808

Code size:
41.5 KB (42,496 bytes)
