» gamesplayerinstall.exe
Overview
Analysis
File Details
Programs (1)
Downloads (1)

gamesplayerinstall.exe

RealGames Europe B.V.

This is a self-extracting archive and installer. The file has been seen being downloaded from cdn.media.zylom.com.

File name:

Publisher:

RealGames Europe B.V. (signed and verified)

MD5:

04df2af6fc311f0c1e38bc74e68aa659

SHA-1:

42e6e7353dbd34f8edccacad58f0f13dcfc1495f

SHA-256:

8d56158487d423bc4a8c11f080f1a6de3d160974649933594fae84e68817e08b

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 8:52:01 PM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

TROJ_GEN.F47V0429

7.2.163

File size:

499.2 KB (511,152 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\gamesplayerinstall.exe

Digital Signature

Signed by:

RealGames Europe B.V.

Authority:

VeriSign, Inc.

Valid from:

5/19/2009 2:00:00 AM

Valid to:

5/28/2012 1:59:59 AM

Subject:

CN=RealGames Europe B.V., OU=Zylom Games, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=RealGames Europe B.V., L=Eindhoven, S=Noord-Brabant, C=NL

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7DBAA6044AD76F847804FD36704F0C73

File PE Metadata

Compilation timestamp:

6/30/2009 1:09:48 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

12288:ibXjq82xw1F5CPz9AJJ50wNx8Giyk9vZiYOiBAGX2K6:ibXjq82xw1Fqz9AJJ5dN2NykRzBA3K6

Entry address:

0x2732C

Entry point:

6A, 60, 68, 20, 80, 43, 00, E8, F4, C4, FF, FF, BF, 94, 00, 00, 00, 8B, C7, E8, 4C, C6, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, F8, 51, 43, 00, 8B, 4E, 10, 89, 0D, C0, 3E, 44, 00, 8B, 46, 04, A3, CC, 3E, 44, 00, 8B, 56, 08, 89, 15, D0, 3E, 44, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, C4, 3E, 44, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, C4, 3E, 44, 00, C1, E0, 08, 03, C2, A3, C8, 3E, 44, 00, 33, F6, 56, 8B, 3D, CC, 50, 43, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03... 
[+]

Developed / compiled with:

Microsoft Visual C++ v7.0

Code size:

208 KB (212,992 bytes)

The file gamesplayerinstall.exe has been discovered within the following program.

Zylom Games Player Plugin by Zylom Games

The downloadable versions of games are called Deluxe games. Anyone who registers (for free) can download free trials of the Deluxe games before purchasing. New games are released every week – one online game and two Deluxe games.

www.zylom.com

24% remove it

The file gamesplayerinstall.exe has been seen being distributed by the following URL.

http://cdn.media.zylom.com/plugin/custom/1/2/.../gamesplayerinstall.exe

Scan gamesplayerinstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.