home

Gw2Setup.exe

Guild Wars 2

ArenaNet Inc.

This is a setup and installation application. The file has been seen being downloaded from www.towerbitscenter.com and multiple other hosts.
Publisher:
ArenaNet  (signed by ArenaNet Inc.)

Product:
Guild Wars 2

Description:
Guild Wars 2 Game Client

Version:
1, 0, 0, 1

MD5:
7b6cfb1bd57ecfc053ba0df43c743a32

SHA-1:
e59d6e66b0a1b0b8416d3c1ee92a0f0ce5fd214d

SHA-256:
84f886f5bc35ac2db900ae047fa898055df152d35b53744c3fbdf8623cc530da

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:26:09 PM UTC  (today)

File size:
21.7 MB (22,716,480 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (c) 2006 ArenaNet

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\gw2setup.exe

Digital Signature
Signed by:
ArenaNet Inc.

Authority:
Thawte, Inc.

Valid from:
4/17/2012 8:00:00 PM

Valid to:
4/18/2014 7:59:59 PM

Subject:
CN=ArenaNet Inc., O=ArenaNet Inc., L=Bellevue, S=Washington, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
402C7DE1729D312321179FC710542B51

File PE Metadata
Compilation timestamp:
7/20/2012 12:53:08 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:Z/+X1IthfEohQu1nMFi4f0lISMslrTtIPRvFD5Vd9JGc:Z/+XwiMn+i4MmSMslrTtI591/9B

Entry address:
0x487466

Entry point:
E8, 92, 55, 00, 00, E9, 78, FE, FF, FF, 3B, 0D, 14, DE, 62, 01, 75, 02, F3, C3, E9, 14, 56, 00, 00, C3, B8, 51, D6, 88, 00, A3, 54, E0, 62, 01, C7, 05, 58, E0, 62, 01, 38, CD, 88, 00, C7, 05, 5C, E0, 62, 01, EC, CC, 88, 00, C7, 05, 60, E0, 62, 01, 25, CD, 88, 00, C7, 05, 64, E0, 62, 01, 8E, CC, 88, 00, A3, 68, E0, 62, 01, C7, 05, 6C, E0, 62, 01, C9, D5, 88, 00, C7, 05, 70, E0, 62, 01, AA, CC, 88, 00, C7, 05, 74, E0, 62, 01, 0C, CC, 88, 00, C7, 05, 78, E0, 62, 01, 99, CB, 88, 00, C3, 8B, FF, 55, 8B, EC, E8...
 
[+]

Code size:
13.9 MB (14,541,824 bytes)

The file Gw2Setup.exe has been discovered within the following program.

Guild Wars 2  by NCsoft Corporation, Ltd.
Guild Wars 2 is a massively multiplayer online role-playing game developed by ArenaNet and published by NCsoft.
About 1% of users remove it
 
Powered by Should I Remove It?

The file Gw2Setup.exe has been seen being distributed by the following 3 URLs.

http://www.towerbitscenter.com/AgGX5ezSFNrh qVfBNzlY5GLwjILeZsTemd3I GanzCBklaonIyt5r5LTqbYDgZV2GEefUWgX _kcQ0BlLS gOwXlj_CP4UuiBavCDBRarKkDpp8RRKg_RmKOF8i5a 4QVRf_gsGy7y4My3L5fx1YBAN_CRLcbZZOZtx02 Yj1bQRIzF1u0wnN3yVgoEUSbcz8pe1buYwRfaqmGip_524YO92bXdMw==-GzMAAES3eX4KPo_8HpfQiCAqSrEmpBCBFpLbB3pjy5 9gnqO2crvExiyZi0xRB7CBw==

https://account.guildwars2.com/account/.../win

http://cloudfront.guildwars2.com/.../Gw2Setup.exe

Scan Gw2Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.