» legoharrypotterdemo.exe
Overview
Analysis
File Details
Downloads (60)

legoharrypotterdemo.exe

Launcher

Travellers Tales (UK) Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Publisher:

Travellers Tales (UK) Ltd (signed and verified)

Product:

Launcher

Version:

1, 0, 0, 0

MD5:

e9b4292f1eacbbb2b7bb9f8b028684f7

SHA-1:

bb0a30ad9a7cc51c80e1bb1f3eec22e6ccc1a706

SHA-256:

01d8e88511d71f5dd1492034ea4b00eacdbbf891ef23cffa31413d232eee3647

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/14/2024 8:52:07 PM UTC (today)

File size:

780.3 MB (818,177,352 bytes)

Product version:

1, 0, 0, 0

Original file name:

Launcher.exe

File type:

Executable application (Win32 EXE)

Language:

English (United Kingdom)

Common path:

C:\users\{user}\downloads\legoharrypotterdemo.exe

Digital Signature

Signed by:

Travellers Tales (UK) Ltd

Authority:

VeriSign, Inc.

Valid from:

7/9/2008 1:00:00 AM

Valid to:

8/15/2011 12:59:59 AM

Subject:

CN=Travellers Tales (UK) Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Travellers Tales (UK) Ltd, L=Knutsford, S=Cheshire, C=GB

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

45D5801D1501764CA01166DFA549D788

File PE Metadata

Compilation timestamp:

5/26/2010 12:26:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

25165824:pZNGT6oI3oxtfEkYYsxmRO7Zp0Py4UefGqiJxO:p6T54oxtfSY3UpMy1e+qiJxO

Entry address:

0xAC26

Entry point:

E8, B5, 7B, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, ED, F7, FF, FF, 59, C3, 8B, 44, 24, 04, 85, C0, 56, 8B, F1, C6, 46, 0C, 00, 75, 63, E8, 42, 3B, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, F8, 42, 42, 00, 74, 12, 8B, 0D, 10, 42, 42, 00, 85, 48, 70, 75, 07, E8, 75, 11, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, 18, 41, 42, 00, 74, 16, 8B, 46, 08, 8B, 0D, 10, 42, 42, 00, 85, 48, 70, 75, 08, E8, DB, 7D, 00... 
[+]

Entropy:

7.9749 (probably packed)

Code size:

112 KB (114,688 bytes)

The file legoharrypotterdemo.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1482836084&Signature=QJp0vb97m35EWAYZ84X7XyMa0Q-PVO72CoR2A38DDRq4hRpqzt-AT~O0XbCpMbIl0uR-lstTTgDtX6beiIcYLLQSsI6amSXJU3UWUErSakJJ94gNrK8J77Z6lS581Q10MYcA1boc9ulIJ5NfSEO9moMGSbOsmtBBhP5kifgBy2g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://data2.mujsoubor.cz/downloadFile.php?n=bGVnby1oYXJyeS1wb3R0ZXIteWVhcnMtMS00XzEuMC5leGU=&s=gg70kvle875g0dadarc1084u96&r=130b5b755b96d0c5259aae0019988660

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1482111981&Signature=d34plMni6SRwQPsREEn3vkUrGsJPvYZYsYaMJERADdvQjtWOI2W6nU-gF56AulL2pk06bG1nLdwVAN2577uVlymmuD7WtXPwtdwUR5gz5msgMg4NwgDk27uAz4abtbp8OrraBKFEIap1RUcgXnUoGWLGTqwOEHu5Wi9WppJ4Wmo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_fr&type=PROGRAM&Expires=1482214720&Signature=WCq7neziT0hPWNWKgBWTzLT~eeNsFAJlIR6J8wk3gJuRoqfwQa8amtQr-vgQUvkrC~X~HK8UA7VlB9dbIoF5YOyJ5aZ1TZBjWqcMSNifyGLaXaGjNNWtbSAe0ZNC3SJWgWB0B3pBq3lmYK8ra4a5QHwAfkA~l8BEsqIfXI5ClKk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_fr&type=PROGRAM&Expires=1483831151&Signature=FbJS9Us0g0e0pI9xwNIHxz~tGiCSzYldEZ8n2KoQ7XorIl0gycN7LFLw5if0aD2Ezf87iS7ObdU1X72qxfQgjjdRkOEh5h7f0qVBV0EXcUVYBAG~d3QVqOCycD~BMop1fv~JP4Kd8b6XM36SdLsn0cE12QDbBJmY8I-Vb-JUJ-w_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://dl.4players.de/f1/pc2/.../LEGOHarryPotterDEMO.exe

http://data2.mujsoubor.cz/downloadFile.php?n=bGVnby1oYXJyeS1wb3R0ZXIteWVhcnMtMS00XzEuMC5leGU=&s=rr57q4vtmujs33n88gfmkh6435&r=6efa9e180ba0c36b528e6e4ec8126825

http://mujsoubor.cz/download/adventury-a-rpg/lego-harry-potter-years-1-4/o14alo237v2cpm16pc8bvpsef5/.../lego-harry-potter-years-1-4_1.0.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1474031462&Signature=bV9hBpM5pZiIgHCWoWdi-QcjQZP~rpHOMAxDgYhITR5FAHRMuFYWrFaONn~x-Uo8QVnVVGFrVindm0nWREEUrqdJmKBnSGHd~jboT1fAl9fqbv3mh3WcOG4EmsDLRxXdLcNNoNuRMfgEWmhCKcnklAtUWD4~Bt~2uRIUm3D99bE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_pl&type=PROGRAM&Expires=1444874599&Signature=GJssPzOQiRz17XX53V9XS~TmWciP586~6ByLJDFTaq7q04O7UK6pfZLk4XS5sH9pFZK6xomgLpip669tPtdwsQgeLS36TK1zHuUUEIExjOY87ppg0psfE7-5ulQDS15NhmCNDhWMr2~YZNOW1vPIodgnRWfjaG7kBXgJhLHpMII_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://soft-jeux.telecharger.com/jeux/.../LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_pl&type=PROGRAM&Expires=1469560876&Signature=S1uvdZweGAgCpOdp4Qmz-pGLxDlOW3eWj38nxw5bYMn-mu2GoZ1S0rLkwYP6K6lEW5QLoH9Jz5mjWXv5hxoRqXXIXSKQS8DI66ev9SwEsEr21wTLI6vadmGtwldf2UNlwoetEqtmCs2b49TbHbyf-6~yeJtRCHai-HPatk7RQIs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1478742818&Signature=KPk-arTiW3pcyoOQn9Qqti5h-LuoLzhn2qXme-ouJoP31ShKw1lWOedLr1W3kyxGTXkfE4jyGflw6NgJALY5cR-jyyTapPMVMSd04V0Ob8RrvtmK388m3U41pz1kWN4ovgfxG93ROtvZ68ycNbB1FyalR-O8zmgqHy9NtBsC9r8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1478492814&Signature=ElAdqe68yMcQThMHPk7rz2GsuFy-9Ufw~VrCSsfFfN8X9UCbq1NZL5x7Uhm~oBtZVNr~M-j7V3cZ-8LIbrB6f6-qUvVNe~0e2WEdC5aWGFuV34C-f2odX5-OQ8b80bG2-7h1QDFpJbvvODvN-ijRg3tYEJpmz1Wk~ALnWHqDiFI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

https://www.videogamer.com/download?key=downloads/.../LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1476417859&Signature=eoj9tZNydp4GKMIv60QFwtclv4tKpmPa8jiB-9-eRXE8ODNvtKZM3rUBEpuPQG2blt6M~wn0KnCH3Xsc8jws7Jc1g2--0TSTn0FeEC6dMTs09HrRfDrcbayuoaeihu0p8oJtJerZ6Og5vLAqucPWEN25br5pIExKOI9zkDqf5e0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1475934614&Signature=QP3Jix05tYvUV93vKKUyt0iwv8G2FCj87xX4kx5-wK3kyko4-tG3gIIHvroVL~cKfQuk0IbK87d0bg8pGuexNcYbe39Xs-YWut~ASGM1iPV54lHWgWG2LqyivwFsKJVoV6wLxrHEpk2rMYF946BuEDya8Hh26PEeiT5ZmCY4D3s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_fr&type=PROGRAM&Expires=1477995971&Signature=At9Go8ftH7Nhl3JsWc7m~S6CKEZvv5fLO~RJGRiZduB9FrcRcyu4MHSOWpixabwtirJM--1Y04hTgaXbEk--mAo95JqoxWUfbRzcNoTTSZjk1iT4r~al1mDyMeqEhbvoyOIngOUGdw69r7CnTmBs-xFYyhOhnFDXX3ldwLq0nY4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_br&type=PROGRAM&Expires=1437355919&Signature=GqJo8q9tsVvP4e-QM2T64hh~bY-zLqJFqBlo0c7k5O5IoBr28b-vVXsNroXmun50VbMLeFwWZCcl~i-awmpixq4f0l56QncERcXWUxpx-Z8h2VJcxCO0rwaCDdbU5b6uk1rbLeJePyBD8qff8FW54zmOVeyqqAQd5GNrlvGW8us_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_pl&type=PROGRAM&Expires=1478474109&Signature=c8fz~EyrTriImfWiAfkRTT44NxtLstGl1Pntw4EG6SG-~NTlbwYgAKjr2lJ-b3VIPSjh~wtTkbw0BjIh0wy2plk8bHc2vRWYb7Y1UFXk8AFtvC~BDBIe4URG-eZh0Fb8EARl~55GrFfVe3LyDlhjnq0E4lWDJZL6IbgGnY-kfoE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_fr&type=PROGRAM&Expires=1472095673&Signature=dSCHOzSCJN8b9Bh1KmIcKnG67yfH1lTLw4JBF8Q6uuKzraZmFuoVejrEmgTNs4joWVZOOdbLM4qoqY2SS-Br0DYTB9G6tgKgePcgriFTus6FfJmhknsAJ2Rn9DfJU2pFVBCsq4nGtsMi2Gno-KIMu9GJVgsRo~fZ1NixCpyxeDs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_br&type=PROGRAM&Expires=1469274416&Signature=OvOD0MnpfU-qR-NA~wIZ7rB2VwNg6bYemrCAM1iHSdheZhBruNr98LiHq8vhqxwejf~X6MvJ~NONxW12rSSZ2yhlXcQ05LTVMmv~gcJyapFzPue~XXtCjfGRzMXHuda5TQTxYTYIpv1REob0sEqb8JJIzheFSdtET6EV28BLN2I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1480084252&Signature=a9ehVypTPN8LzAlyMUK9rW7IVRGe0gFm45qSv4w7dxhAe1v0XMWy02VxzRrNy16OMLmY9qpeEL9~e3kbtUmUv30MJWqnwRquxngEhnxkDO4u4xFd2ELcqcQMjmG-07L4NVSuDmhqhNn~IJH29dlel71Gz~MjmLa4uvZEumBTDFE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_fr&type=PROGRAM&Expires=1474253356&Signature=NgXmHLWdCN1U~KWO7tHnAGKSHoqEnZXgCf9F4cQGf13v8i-CN6INcnpbEuujQCAiB8W1jQcbFNZH7MX9~PYQGrlNXrU9hHT7s2It3cqpX3lykbM5NHbOkbrdM4x7uPZBrCTY8OoWX5DOF5THZVqOzI42JcMQN~vrit~yHYUnZJo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1478666137&Signature=apNqjnqf8fGW6u9HIi5Lo-WSFRFLIaNZCUe-Q3hyCMIL5FMEsV91Hc3UZOBQC8zmUQxxE-pBkfO1f8aGPIRj37hjRtsc6XGK3UJISmAV6I1LVM-WzxUFzRdoebMI8~i4-TmFWjZwZNe9USsCEaQWLCVvz~UIwd8kmnZ8j8R8Y5Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1470964009&Signature=Z7oiZ01cNG6Y3RJ5Yi9SUz4dwdofw7gywnrk1NwpJTHx1R~Anynr38u9lA8C5AQujLtfiNfkJojpfmEQ5OH~aADgjpjwOl8Sw1PN~ZFxxSNBkxZLNMrVrQg9OmMRf0j77raEQ~MNN3~DcM0Jekc~pvo5onXj5tkiPKG~hq-D0qs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1478452187&Signature=f8VRp6HJlxvGozyEfeTs6OaTCyjeJi3GUXyx0RLxdjV1EQJBS0EV8n555lTyshfBRCTodSRTl2kB3rvZZMGEX5UBj-ullUZwOAwbDxfGJWDVQ-hqGYkSvAxFWTi2GiyXMxaisl92vX0Rlzl1DqNju0GNX-8vcBMpV84D2MJmCuo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://www.appsfactorycurrent.com/Z1FUu5S8k0ohBW INazZnboN8Ks4BZwfyvA7JUJHZ5X497OA8ERBflDS2qY1Yk4l0Y5YDPAlbE4fUiDMsJq9jhJE8C3jVMXNpY_m6hzt3sbooiynZGaOXOt86i1H5Y_f5RY7Eleab0irOfOP80e5rHBRPccJeLUJz04rQ2 vur1oIR9rqYHbw9BZYgC05F1mmP_0uE3vfWqXJgxvsEdLbrZHc0x98oVL0sP0HHHlfWxtJFeUjmRQRuWyYM9INnSn5mL00k3v3DdDskOa6mztlo87II__ZHOFsC_RlnJGofmXA0w6jD9HFe4YM4O 7yWDw8ai3Qs9KymvoPzql4QR0lAqCHKCB8X8Kv3TVzs0 Rxlqb9iwpT BtNVvimphIOOZLKsxwZA_p4uCFREFVwN_RKboadhPWJCSJnZDBCZYYfCfniw1CvFuVFADB44LBtWTjUfN3qRPKlmbOQi_JvcbLa3cXT1cnKrRLEgTKpDwSdfYpyx603UuiJYb4bMKukWXpcd3Uq3kYEQnjQ1dLgoHzZUnmEa_zWS8jS5_ eC0VZCFbNoeDLbajbl3_n1WRvSMPGAwjd5NtlA5MmrsWo3dUqrFPVWc1bkWvIamSmnwmA8zS15N5hyY130tf2UQGVFM7hRJrzqYSZMFjjls9nzer4mhUd376yozauBzykViED55AXdoDL r3mTRaBjofPgwRyJduVR-G1cAAGRyXWtr20NKvA4INuDApZDCAe3ONg_kjaEXDeu61bPQ5Ck2N90GYz7Afbvv5kTN32jXrfh0eTXbWT1WyEREcZLDdscfaBSC5gQaFwSSAg==-e

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_en&type=PROGRAM&Expires=1476322460&Signature=HC~X2emC3unmOpzaQKfa1oK4QTTIltfPkSyMT3QCbEN2eagXe41nDWRVaiOvWxMmOTxArnv~GRnK7sgxwybwEcToXkjdOjMa5UZtNC~u33CNkt9M1pgX6BT~gHv9dy12luOHzKgl50SRAiZYT2pjcsFpFVtSZDv8AcjJHboLU0Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

http://gsf-cf.softonic.com/bb0/a30/.../file?SD_used=0&channel=WEB&fdh=no&id_file=100599&instance=softonic_pl&type=PROGRAM&Expires=1441076456&Signature=YE9Qj~xOdXNN~HXBhr~VM6s1cEwUuqmgOACLhEnYRTvhVoo~XaLZ8ypXHmgUadD0Z3jOynOVLHACnrJioaOLy2AUzIUg0OblY9TE7zA~X0EWED95JylY-KvDdw8SiCYtn8Ax~9yQAxaqpJ-0B5Ng6agUkih7o8JGtj6yk2igoe0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LEGOHarryPotterDEMO.exe

Latest 30 of 60 download URLs

Scan legoharrypotterdemo.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.