gamemanagerv4.exe

Game Manager

LuckyCityGames

The application gamemanagerv4.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from www.bulksharetown.com and multiple other hosts.
Publisher:
LuckyCityGames

Product:
Game Manager

Description:
Game Manager 2

Version:
2.0.0

MD5:
5486150f96faa00fa6d3355744bd8f52

SHA-1:
18af0cb1942b3b0fd6d7a091d72a61c8944ade8c

SHA-256:
1da868a297f54339dfd3862a6123828ee5454a414f31e5984501e38c7cdf0cd3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 11:06:33 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Bundler (M)

Engine version:
16.3.10.21

File size:
3.7 MB (3,931,648 bytes)

Product version:
2.0.0

Original file name:
Game Download Manager.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\game manager v4\gamemanagerv4.exe

File PE Metadata
Compilation timestamp:
2/10/2016 12:14:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:KiWJvxUAUfvLInD76AphRjoP9zrZw56pN20tklMWrp3k5RSew8Z1uJS92:6UzvLTApLg9zFKKN20tkMCp3DJS9

Entry address:
0x3662AE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
3.4 MB (3,556,352 bytes)

The file gamemanagerv4.exe has been seen being distributed by the following 16 URLs.


The executing file has been seen to make the following network communications in live environments.

