home

lucky7.exe

Lucky 7

This is a setup program which is used to install the application. The file has been seen being downloaded from cdn.pogocheats.net.
Product:
Lucky 7

Description:
Lucky 7 v2.0

Version:
2.0.0.0

MD5:
c806de7c5ebc9bdf78225a155191c71a

SHA-1:
a43e3bc076de303912f9313693bfd026623a0c68

SHA-256:
5bd0d2f8ba15c48b402f0932f47f764ddceea1c9a4a9bf578b324a4a789e9627

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 4:13:15 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

Bkav FE
HW32.CDB
1.3.0.4959

File size:
332.5 KB (340,480 bytes)

Product version:
2.0.0.0

Copyright:
2013 - PogoCheats.net

Original file name:
Lucky 7

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\lucky7.exe

File PE Metadata
Compilation timestamp:
3/3/2013 7:59:57 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:L4dnhvp5FO9MeZtHnTqnB5pHYkrgkDY8tvUlqM5db7S8KNghNowA8uPIXMzBmr:89+95ZtHn+ndFtDYSfM3GTNnwAsXv

Entry address:
0x1000

Entry point:
B8, 24, D2, 4C, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 5E, BD, 47, 7E, 1F, F9, C8, 9B, 40, DB, 76, 21, 54, D7, 19, 51, 38, 07, BE, 6B, 89, C0, F2, 35, 66, 47, EA, 5A, C4, B4, FC, 49, CE, 91, 67, A7, 59, 72, 8C, 3D, 61, 64, F3, AF, B4, 19, B2, 92, 78, 52, 8D, 7A, 17, 89, A8, 5D, D6, 35, 69, 87, 5B, 7F, 4B, EC, 8D, 1E, BB, A6, 2D, 09, A3, C9, D9, 84, DF, A5, 25, 2C, 1A, 7C, 98, B4, 3C, 02, 08, 73, BB, ED, 42, F7, 1C, 14, 75...
 
[+]

Entropy:
7.9104

Packer / compiler:
PECompact v2

Code size:
571.5 KB (585,216 bytes)

The file lucky7.exe has been seen being distributed by the following URL.

http://cdn.pogocheats.net/.../click.php?id=141

Scan lucky7.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.