home

gw2.exe

Guild Wars 2

ArenaNet Inc.

Publisher:
ArenaNet  (signed by ArenaNet Inc.)

Product:
Guild Wars 2

Description:
Guild Wars 2 Game Client

Version:
1, 0, 0, 1

MD5:
8837cc5b54755f0087b5fcdf07cd9ac5

SHA-1:
156d6d20d4ee9212d583d1dcc43f7f772465a02f

SHA-256:
c2d7c05b3dccbd627aecfc79aa2398daa3331aec54e6b786af4f3a55f8b5238c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:16:24 PM UTC  (today)

File size:
22.4 MB (23,505,400 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (c) 2006 ArenaNet

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\gw2.exe

Digital Signature
Signed by:
ArenaNet Inc.

Authority:
Thawte, Inc.

Valid from:
4/18/2012 1:00:00 AM

Valid to:
4/19/2014 12:59:59 AM

Subject:
CN=ArenaNet Inc., O=ArenaNet Inc., L=Bellevue, S=Washington, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
402C7DE1729D312321179FC710542B51

File PE Metadata
Compilation timestamp:
1/17/2014 11:56:27 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:+nKh7345qutUalhhoLSMYmEPUeewGF+y45FFk8pJuqmEhfau7XpVeth:+nKR3qaTnw0+yIF7pJuqmEhflVc

Entry address:
0x55E76F

Entry point:
E8, 5D, 58, 00, 00, E9, 78, FE, FF, FF, 3B, 0D, D8, 73, 6B, 01, 75, 02, F3, C3, E9, DF, 58, 00, 00, C3, B8, 25, 4C, 96, 00, A3, 0C, 76, 6B, 01, C7, 05, 10, 76, 6B, 01, 0C, 43, 96, 00, C7, 05, 14, 76, 6B, 01, C0, 42, 96, 00, C7, 05, 18, 76, 6B, 01, F9, 42, 96, 00, C7, 05, 1C, 76, 6B, 01, 62, 42, 96, 00, A3, 20, 76, 6B, 01, C7, 05, 24, 76, 6B, 01, 9D, 4B, 96, 00, C7, 05, 28, 76, 6B, 01, 7E, 42, 96, 00, C7, 05, 2C, 76, 6B, 01, E0, 41, 96, 00, C7, 05, 30, 76, 6B, 01, 6D, 41, 96, 00, C3, 8B, FF, 55, 8B, EC, E8...
 
[+]

Entropy:
6.8749

Code size:
15 MB (15,694,336 bytes)

The file gw2.exe has been discovered within the following program.

Guild Wars 2  by NCsoft Corporation, Ltd.
Guild Wars 2 is a massively multiplayer online role-playing game developed by ArenaNet and published by NCsoft.
About 1% of users remove it
 
Powered by Should I Remove It?

The file gw2.exe has been seen being distributed by the following URL.

http://cloudfront.guildwars2.com/.../Gw2.exe

Scan gw2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.