» jogoboxinstaller(jeux).exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)
Downloads (2)

jogoboxinstaller(jeux).exe

Tibaco International B.V.

This is the uninstaller utility registered in the Windows Control Panel for the program JogoBox by JogoBox.com. The file has been seen being downloaded from software.thaiware.com and multiple other hosts.

File name:

Publisher:

Tibaco International B.V. (signed and verified)

MD5:

f27d0651d8647bbfe34948e38c89ca78

SHA-1:

21ec0033b9448c8af69997119920c5a893126293

SHA-256:

103f174b69822ec430f8f984f85014c9ebe0508551e77dd9da59fab8d686d1e9

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/26/2024 12:07:44 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

DLOADER.Trojan

9.0.1.0358

Trend Micro House Call

TROJ_GEN.F47V0828

7.2.358

File size:

332.5 KB (340,496 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Tibaco International B.V.

Authority:

Thawte, Inc.

Valid from:

2/26/2013 1:00:00 AM

Valid to:

4/28/2014 1:59:59 AM

Subject:

CN=Tibaco International B.V., O=Tibaco International B.V., L=Eindhoven, S=Noord-Brabant, C=NL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

377C850A7C23AC64B2A986510C814385

File PE Metadata

Compilation timestamp:

11/12/2012 5:17:42 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:ulnKKP6TS2LSiiJ+iPWTBqHCGISLd1pAR6NRj/syX4RXw4x3scNK3fmMhhG:u7iGiRiPWTsHE0fpxbjIVw4VsiKvb4

Entry address:

0xEEAF

Entry point:

E8, E5, 4F, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 74, 89, 42, 00, 00, 75, 18, E8, BA, 43, 00, 00, 6A, 1E, E8, 04, 42, 00, 00, 68, FF, 00, 00, 00, E8, 4B, FA, FF, FF, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 74, 89, 42, 00, FF, 15, E0, E0, 41, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, 64, 93, 42, 00, 74, 0D, 53, E8, 6D, 15, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, C2, 0F, 00, 00, 89, 30, E8, BB, 0F, 00, 00, 89... 
[+]

Entropy:

7.4586

Code size:

116 KB (118,784 bytes)

Program Uninstaller

Program name:

JogoBox

Display publisher:

JogoBox.com

Display version:

Uninstall string:

C:\users\{user}\appdata\local\jogobox\uninstall.exe

The file jogoboxinstaller(jeux).exe has been discovered within the following program.

JogoBox by JogoBox.com

jogobox.com

About 1% of users remove it

The file jogoboxinstaller(jeux).exe has been seen being distributed by the following 2 URLs.

http://software.thaiware.com/download_url.php?id=10148

http://jogobox.com/.../JogoBoxInstaller.exe

Scan jogoboxinstaller(jeux).exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.