home

GarenaTotal.exe

Garena Total

Bui Minh Hieu

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Publisher:
HBM  (signed by Bui Minh Hieu)

Product:
Garena Total

Version:
1.0.0.1

MD5:
ff2230c19d5227f94d4dcae8667036fa

SHA-1:
99d2265b14a71ac51bd3223843e864594dfd9aec

SHA-256:
acd352ac16263ff1142f2dd9f16d56a7535b2acba375dbb50da6d2a3137ed086

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 4:20:31 AM UTC  (today)

File size:
421.5 KB (431,624 bytes)

Product version:
1.0.0.1

Copyright:
(c) HBM. All rights reserved.

Original file name:
GarenaTotal.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Bui Minh Hieu

Authority:
Thawte, Inc.

Valid from:
6/25/2013 4:30:00 AM

Valid to:
6/22/2014 4:29:59 AM

Subject:
CN=Bui Minh Hieu, OU=Individual Developer, O=No Organization Affiliation, L=Hai Phong, S=Hai Phong, C=VN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
390FFB4CA3DF2C543CFF80F164F4BB2A

File PE Metadata
Compilation timestamp:
3/11/2014 10:06:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:MINh/WLLCSFipRDhsYgvfaUfdW2fG4HQROXrbSwewPDAF/b7YcmhNP3VBHlKibA:Jh7hgvftfdWCG4wRGe3w7AF/b8zjVjA

Entry address:
0x2C4CF

Entry point:
E8, 7E, 6B, 00, 00, E9, 17, FE, FF, FF, FF, 35, 60, 07, 46, 00, E8, E0, 65, 00, 00, 85, C0, 59, 74, 02, FF, D0, 6A, 19, E8, 05, 5A, 00, 00, 6A, 01, 6A, 00, E8, DE, 6C, 00, 00, 83, C4, 0C, E9, E3, 6B, 00, 00, 3B, 0D, C4, C8, 45, 00, 75, 02, F3, C3, E9, EF, 6C, 00, 00, 51, C7, 01, 2C, C6, 44, 00, E8, E7, 6D, 00, 00, 59, C3, 56, 8B, F1, E8, EA, FF, FF, FF, F6, 44, 24, 08, 01, 74, 07, 56, E8, 1B, 06, FE, FF, 59, 8B, C6, 5E, C2, 04, 00, 8B, 44, 24, 04, 83, C1, 09, 51, 83, C0, 09, 50, E8, 33, 6E, 00, 00, F7, D8...
 
[+]

Entropy:
6.3621

Code size:
277 KB (283,648 bytes)

Scheduled Task
Task name:
Auto-Joiner.exe

Trigger:
Logon (Runs on logon)


Scan GarenaTotal.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.