home

mad2.exe

Madagascar 2

Activision Inc.

Publisher:
Activision Inc.

Product:
Madagascar 2

Description:
Madagascar 2 Application

Version:
1, 0, 0, 1

MD5:
7343706e4034a648ed7fb294378a404a

SHA-1:
ef87e5fe312ebcf0d4408ad7c947fc413689ed19

SHA-256:
6c230efc8b908fb7ff78d413128e0ced16722d98c9f906a011a9ee3b73feb0f3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/24/2024 8:08:04 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAutoB
1.3.0.4959

File size:
15.8 MB (16,585,928 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2008 Activision Inc.

Original file name:
TFB_RT.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\lohe zarin nikan\madagascar - escape 2 africa(tm)\mad2.exe

File PE Metadata
Compilation timestamp:
9/25/2008 2:32:29 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:Jvsd6H3UX1uwGVHMyKLwyPZHdfId9MnPg:RRU+Q9Dg

Entry address:
0x40B7

Entry point:
E8, 44, 05, 00, 00, E9, 35, FD, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 70, A1, 40, 00, 89, 0D, 6C, A1, 40, 00, 89, 15, 68, A1, 40, 00, 89, 1D, 64, A1, 40, 00, 89, 35, 60, A1, 40, 00, 89, 3D, 5C, A1, 40, 00, 66, 8C, 15, 88, A1, 40, 00, 66, 8C, 0D, 7C, A1, 40, 00, 66, 8C, 1D, 58, A1, 40, 00, 66, 8C, 05, 54, A1, 40, 00, 66, 8C, 25, 50, A1, 40, 00, 66, 8C, 2D, 4C, A1, 40, 00, 9C, 8F, 05, 80, A1, 40, 00, 8B, 45, 00, A3, 74, A1, 40, 00, 8B, 45, 04, A3, 78, A1, 40, 00, 8D, 45, 08, A3, 84, A1, 40, 00, 8B...
 
[+]

Entropy:
5.0565

Code size:
16 KB (16,384 bytes)

The file mad2.exe has been discovered within the following programs.

Madagascar - Escape 2 Africa(TM)  by Lohe Zarin Nikan
www.lohezarinnikan.com
About 6% of users remove it
Madagascar 2 Escape 2 Africa  by NewTech Infosystems
www.new-tech.ir
About 5% of users remove it
 
Powered by Should I Remove It?

The file mad2.exe has been seen being distributed by the following URL.

http://s10822.chomikuj.pl/File.aspx?e=3z_S09X6yW6WI7w-eAjvJyWua0tPa99faMPUYUxPIqlj6YxKAMsYWjSuPKdoGENQX-OWqnBNUGoCuQdStBD-PxFCmvpW0HX8PRh_SxJpbH3KRBwtBEmyPPxDDHd66qUg&pv=2

Scan mad2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.