» maingame.exe
Overview
Analysis
File Details
Programs (10)
Network (6)

maingame.exe

File name:

maingame.exe

MD5:

c19baef6155f1ded9b6fc60cd3669b2f

SHA-1:

815c4cf7eb063168b91615ace4447d6efb0fb555

SHA-256:

33766f9861d6f0d6d41770310fb8ba0f5d075fc18ff0e1a38a2e210f67daacc2

Scanner detections:

3 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/26/2024 7:50:37 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.Genome

7.1.1

McAfee

Generic.dx!xpu

5600.7226

VIPRE Antivirus

Trojan.Win32.Generic

21012

File size:

598.5 KB (612,864 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\galaxy\maingame.exe

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:aBPq5u1235zLHSJLgo6FwVj/zXgpYC1UZ2QjkIvVh+FyW:qi5R35zrSxsCjrwrlv8

Entry address:

0x75C08

Entry point:

55, 8B, EC, 83, C4, F0, B8, 60, 58, 47, 00, E8, D0, 06, F9, FF, A1, E4, 7A, 47, 00, 8B, 00, E8, 44, D1, FD, FF, 8B, 0D, 88, 7C, 47, 00, A1, E4, 7A, 47, 00, 8B, 00, 8B, 15, 20, 4C, 47, 00, E8, 44, D1, FD, FF, A1, E4, 7A, 47, 00, 8B, 00, E8, B8, D1, FD, FF, E8, 6B, E3, F8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

467.5 KB (478,720 bytes)

The file maingame.exe has been discovered within the following programs.

Air Flashback by MyPlayCity, Inc.

Air Flashback is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.

www.MyPlayCity.com

16% remove it

Air Force Missions by MyPlayCity, Inc.

Air Force Missions is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.

10% remove it

Air Invasion by MyPlayCity, Inc.

Air Invasion is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.

8% remove it

Beach Party Craze by MyPlayCity, Inc.

Beach Party Craze is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.

www.girlgamesforfree.net

10% remove it

Cosmic Pirates by MyPlayCity, Inc.

Cosmic Pirates is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.

6% remove it

Deep Voyage by MyPlayCity, Inc.

Deep Voyage is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.

8% remove it

Egypt Ball by MyPlayCity, Inc.

Egypt Ball is a video game distributed through the MyPlayCity installer. This installer will also modify the user's web browser home pages and default search provider to myplaycity.com in Internet Explorer, Firefox and Chrome.

4% remove it

Farm Frenzy 2 by MyPlayCity, Inc.

Farm Frenzy 2 is a casual PC game distributed through the MyPlayCity custom installer. The installer will modify the user's web browser home page and search provider to myplaycity.com for Internet Explorer, Firefox and Chrome.

11% remove it

Free Solitaire World by MyPlayCity, Inc.

This is a video game distributed via the MyPlayCity installer (which will modify the user's browser homepage and default search provider to myplaycity.com within Internet Explorer, Firefox and Chrome).

3% remove it

Gnomzy by MyPlayCity, Inc.

Gnomzy is a casual PC game distributed through the MyPlayCity custom installer. The installer will modify the user's web browser home page and search provider to myplaycity.com for Internet Explorer, Firefox and Chrome.

7% remove it

Latest 20 of 20 programs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to 31.b5.adb8.ip4.static.sl-reverse.com (184.173.181.49:80)

TCP (HTTP):

Connects to li310-193.members.linode.com (178.79.173.193:80)

TCP (HTTP):

Connects to CUST-245.252.102.5.018.net.il (5.102.252.245:80)

TCP (HTTP):

Connects to 203.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net (185.33.220.38:80)

TCP (HTTP):

Connects to 154.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net (37.252.172.70:80)

TCP (HTTP):

Connects to 103-16-152-143-noc.bsccl.com (103.16.152.143:80)

Scan maingame.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.