home

karanlik_isik-xeyoje.exe

Fancy3D Launcher

Beijing FancyGuo Tech Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from admin-dol.gamesdom.com and multiple other hosts.
Publisher:
Hongfeng Hengyu (Beijing) Tech Ltd.  (signed by Beijing FancyGuo Tech Ltd)

Product:
Fancy3D Launcher

Version:
0,15,1026,1717

MD5:
9945432af7b321247a751fcc46307860

SHA-1:
dbee5b225645ea690fe86aa07904046119eb4d28

SHA-256:
7e7389e685e635ee943087354d7e54659e98d031dcf1242a4c7818bdc42ac4e2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
6/23/2025 8:17:27 AM UTC  (today)

File size:
2.4 MB (2,567,408 bytes)

Product version:
0,15,1026,1717

Copyright:
Copyright (C) Hongfeng Hengyu 2009 - 2015. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\karanlik_isik-xeyoje.exe

Digital Signature
Signed by:
Beijing FancyGuo Tech Ltd

Authority:
VeriSign, Inc.

Valid from:
6/12/2015 5:00:00 AM

Valid to:
7/15/2017 4:59:59 AM

Subject:
CN=Beijing FancyGuo Tech Ltd, OU=IT Support, O=Beijing FancyGuo Tech Ltd, L=BeiJing, S=BeiJing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6D09E707C0C807139E9F7382746AF7CF

File PE Metadata
Compilation timestamp:
10/26/2015 1:17:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:b+8XJnSAewPlbGtqb8E6Wsathk6IyGcn+Sw20hi8+X1XmmRiiv+9PfWboR5PdZhs:btBP5GtbmD8KGhy88V9+pZC

Entry address:
0x334C70

Entry point:
60, BE, 00, 70, 4D, 00, 8D, BE, 00, A0, F2, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, FA, 25, 33, 00, 57, 83, C3, 04, 53, 68, 69, DC, 25, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9810  (probably packed)

Code size:
2.4 MB (2,486,272 bytes)

The file karanlik_isik-xeyoje.exe has been seen being distributed by the following 50 URLs.

http://.../dl?t=dl&s=https://.../37.html?uid=8802978&gw=1&time=1464791201&sid=37&uf=0_0_0&sign=632fcc779c27dbe554354da12f5cd81e&op=gamesdom

http://.../dl?t=dl&s=https://.../49.html?uid=9088146&gw=1&time=1467844375&sid=49&uf=0_0_0&sign=214e1d55451a31fb9b6d9a7c2700de5c&op=gamesdom

http://.../dl?t=dl&s=https://.../25.html?uid=8193813&gw=1&time=1462138696&sid=25&uf=0_0_0&sign=7c3dca970137d59569f207747e0e9bb0&op=gamesdom

http://res-dol.gamesdom.com/client/micro/.../Karanlik_Isik-qakace.exe

http://.../dl?t=dl&s=https://.../15.html?uid=8271321&gw=1&time=1458933329&sid=15&uf=0_0_0&sign=41b7ca16e26fef3a9c67d5d132b0dfd7&op=gamesdom

http://.../dl?t=dl&s=https://.../20.html?uid=8413266&gw=1&time=1460331208&sid=20&uf=0_0_0&sign=584847e992fbc050e38e78ae90e1c0f5&op=gamesdom

http://.../dl?t=dl&s=https://.../54.html?uid=9186422&gw=1&time=1476627923&sid=54&uf=0_0_0&sign=0298b0fa8e2fbc146a852c415a66804a&op=gamesdom

http://res-dol.gamesdom.com/client/micro/.../Karanlik_Isik-mifaye.exe

http://.../dl?t=dl&s=https://.../1.html?uid=7921236&gw=1&time=1454843633&sid=1&uf=0_0_0&sign=7d65ffdf89b97fbbdc0a8db672be1d7a&op=gamesdom

http://.../dl?t=dl&s=https://.../39.html?uid=8852265&gw=1&time=1465362730&sid=39&uf=0_0_0&sign=d85ed9d8ec2ad09ee88609e7a56c8bfa&op=gamesdom

http://.../dl?t=dl&s=https://.../37.html?uid=8802816&gw=1&time=1464790135&sid=37&uf=0_0_0&sign=27b48ad944a370373e051dfe1d038f4c&op=gamesdom

http://.../dl?t=dl&s=https://.../22.html?uid=8451306&gw=1&time=1460815344&sid=22&uf=0_0_0&sign=7e0e3c5a1168e70ddf8718598911dbe2&op=gamesdom

http://.../dl?t=dl&s=https://.../35.html?uid=8767101&gw=1&time=1464339365&sid=35&uf=0_0_0&sign=ba53526c23bef91208105b63c543ced7&op=gamesdom

http://.../dl?t=dl&s=https://.../5.html?uid=7959684&gw=1&time=1453983318&sid=5&uf=0_0_0&sign=1fea7c5063e4d8caa49eb649d3274873&op=gamesdom

http://.../dl?t=dl&s=https://.../34.html?uid=8923179&gw=1&time=1466086502&sid=34&uf=0_0_0&sign=8aa848af173161ee53893f9bc04ded0d&op=gamesdom

http://.../dl?t=dl&s=https://.../47.html?uid=9038355&gw=1&time=1467301522&sid=47&uf=0_0_0&sign=2d3e782b61829b0a2916c7672ea93d1b&op=gamesdom

http://.../dl?t=dl&s=https://.../39.html?uid=8849088&gw=1&time=1465316077&sid=39&uf=0_0_0&sign=e5b2fb66d0c9ae95ce35d5bf6e73be55&op=gamesdom

http://res-dol.gamesdom.com/client/micro/.../Karanlik_Isik-niqaxa.exe

http://res-dol.gamesdom.com/client/micro/.../Karanlik_Isik-donahe.exe

http://.../dl?t=dl&s=https://.../28.html?uid=8598270&gw=1&time=1462438606&sid=28&uf=0_0_0&sign=3296c37a38d3a0f7be2bf0783aae438a&op=gamesdom

http://.../dl?t=dl&s=https://.../54.html?uid=8851788&gw=1&time=1472094568&sid=54&uf=0_0_0&sign=794948f87adfaeba05efd1122c93bb4a&op=gamesdom

http://.../dl?t=dl&s=https://.../50.html?uid=9112521&gw=1&time=1468083588&sid=50&uf=0_0_0&sign=4f25f3ed7824e64eb25c83de9ad0f8b5&op=gamesdom

http://.../dl?t=dl&s=https://.../46.html?uid=9032646&gw=1&time=1467248950&sid=46&uf=0_0_0&sign=6475d68e3687d2043151ba060c96f3e0&op=gamesdom

http://.../dl?t=dl&s=https://.../27.html?uid=8584779&gw=1&time=1462277668&sid=27&uf=0_0_0&sign=001f8ca30885bfecea5f5d563a28ed1a&op=gamesdom

http://.../dl?t=dl&s=https://.../48.html?uid=9074616&gw=1&time=1467654600&sid=48&uf=0_0_0&sign=def9f44bd0499057faa837d8dfe3a054&op=gamesdom

http://res-dol.gamesdom.com/client/micro/.../Karanlik_Isik-darige.exe

http://.../dl?t=dl&s=https://.../14.html?uid=8235318&gw=1&time=1458572005&sid=14&uf=0_0_0&sign=d127b8238cfd73ea2e2d34799609110b&op=gamesdom

http://.../dl?t=dl&s=https://.../40.html?uid=8871741&gw=1&time=1465554452&sid=40&uf=0_0_0&sign=518054fb372668133c5a0c85d934db04&op=gamesdom

http://.../dl?t=dl&s=https://.../42.html?uid=8922876&gw=1&time=1466084964&sid=42&uf=0_0_0&sign=36db4057bf9c89a4eda5e521a9f177ef&op=gamesdom

http://.../dl?t=dl&s=https://.../31.html?uid=8674374&gw=1&time=1463266051&sid=31&uf=0_0_0&sign=aa1bfa7a14d09a741dd9a0b75c9f41cb&op=gamesdom

Latest 30 of 147 download URLs

Scan karanlik_isik-xeyoje.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.