gamesplayerinstall.exe

RealGames Europe B.V.

This is a self-extracting archive and installer. The file has been seen being downloaded from cdn.media.zylom.com.
Scan gamesplayerinstall.exe - Powered by Reason Core Security
Publisher:
RealGames Europe B.V.  (signed and verified)

MD5:
b27ed243672e631202daed79fee3e345

SHA-1:
71449d3e1143c6ff53b37b8f0c2960f443e1e7ec

SHA-256:
eecf0448b41362a592c1b0537235f464f0005bd3d290bf02d10bd2bed6005c69

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/5/2016 1:44:06 PM UTC  (today)

Scan engine
Detection
Engine version

Antiy Labs AVL
Trojan[:HEUR]/Win32.Unknown
1.0.0.1

ByteHero BDV
Virus.Win32.Part.a
6.10.2014.10

File size:
498.8 KB (510,800 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\gamesplayerinstall.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/18/2009 7:00:00 PM

Valid to:
5/27/2012 6:59:59 PM

Subject:
CN=RealGames Europe B.V., OU=Zylom Games, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=RealGames Europe B.V., L=Eindhoven, S=Noord-Brabant, C=NL

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7DBAA6044AD76F847804FD36704F0C73

File PE Metadata
Compilation timestamp:
6/30/2009 6:09:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
12288:wbXjq82xw1F5CPz3ppGiReAwNxUc97k9vZtqKiBAGX2Kx:wbXjq82xw1Fqz3ppGiURNuc97kR8BA3m

Entry address:
0x2732C

Entry point:
6A, 60, 68, 20, 80, 43, 00, E8, F4, C4, FF, FF, BF, 94, 00, 00, 00, 8B, C7, E8, 4C, C6, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, F8, 51, 43, 00, 8B, 4E, 10, 89, 0D, C0, 3E, 44, 00, 8B, 46, 04, A3, CC, 3E, 44, 00, 8B, 56, 08, 89, 15, D0, 3E, 44, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, C4, 3E, 44, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, C4, 3E, 44, 00, C1, E0, 08, 03, C2, A3, C8, 3E, 44, 00, 33, F6, 56, 8B, 3D, CC, 50, 43, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
7.2859

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
208 KB (212,992 bytes)

The file gamesplayerinstall.exe has been discovered within the following programs.

Web Games Player Plugin  by Zylom Games
Downloadable games and various web games require this software to be installed on the user's PC. In some cases the installer bundles additional software including toolbars and web browser extensions.
www.zylom.com
56% remove it
Zylom Games Player Plugin  by Zylom Games
The downloadable versions of games are called Deluxe games. Anyone who registers (for free) can download free trials of the Deluxe games before purchasing. New games are released every week – one online game and two Deluxe games.
24% remove it
 
Powered by Should I Remove It?

The file gamesplayerinstall.exe has been seen being distributed by the following URL.

Scan gamesplayerinstall.exe - Powered by Reason Core Security