magic match 2.exe

Big Fish Games

The executable magic match 2.exe has been detected as malware by 22 anti-virus scanners.
Publisher:
Big Fish Games  (signed and verified)

MD5:
50310890784de1ec0854105af4f0dbc1

SHA-1:
b9998cae65d90de9af6faa48f65f97dac61ccc31

SHA-256:
25af63a8d6402ea99c59eeda27c9c447227ffdc03a0ae14ea9ad098f0c161420

Scanner detections:
22 / 68

Status:
Malware

Analysis date:
4/27/2024 3:13:34 AM UTC  (today)

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.GenericKDV.1390714 | 864
Agnitum Outpost | Trojan.Kryptik | 7.1.1
Avira AntiVirus | TR/Crypt.ASPM.Gen | 7.11.122.114
AVG | Generic4_c | 2015.0.3342
Baidu Antivirus | Trojan.Win32.Kryptik | 4.0.3.14923
Bitdefender | Trojan.GenericKDV.1390714 | 1.0.20.1330
Bkav FE | HW32.CDB | 1.3.0.4613
Emsisoft Anti-Malware | Trojan.GenericKDV.1390714 | 8.14.09.23.01
ESET NOD32 | Win32/Kryptik.GTW (variant) | 8.9190
F-Secure | Trojan.GenericKDV.1390714 | 11.2014-23-09_3
G Data | Trojan.GenericKDV.1390714 | 14.9.22
IKARUS anti.virus | Trojan.Crypt | t3scan.2.2.29
K7 AntiVirus | Hacktool | 13.174.10656
McAfee | Artemis!50310890784D | 5600.6998
MicroWorld eScan | Trojan.GenericKDV.1390714 | 15.0.0.798
NANO AntiVirus | Trojan.Win32.ASPM.rjsge | 0.28.0.57029
Norman | Suspicious_Gen2.QSGSD | 11.20140923
Quick Heal | Trojan.Agent.nq | 9.14.12.00
Rising Antivirus | PE:Trojan.Win32.Generic.12A0F352!312537938 | 23.00.65.14921
Trend Micro House Call | TROJ_GEN.R31Z1KG | 7.2.266
Trend Micro | TROJ_GEN.R31Z1KG | 10.465.23
VIPRE Antivirus | Trojan.Win32.Generic | 24810

File size:
1.9 MB (1,955,144 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\magic match-the genies journey\magic match 2.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
10/11/2007 2:00:00 AM

Valid to:
10/30/2010 1:59:59 AM

Subject:
CN=Big Fish Games, OU=Big Fish Games, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Big Fish Games, L=Seattle, S=Washington, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0123CAA9972EFB166E26E9E4EEF9DA0B

File PE Metadata
Compilation timestamp:
1/25/2007 6:30:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
49152:LGBpMTTDpgMBMGXE7jPh1L7C/LpAKwsxWzIyCYpjgquK9YiH:LlXVguXEPPf7C/L2KrxWzIy5ZQepH

Entry address:
0x187000

Entry point:
E9, 06, C0, 00, 00, 90, 5D, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
320 KB (327,680 bytes)
