home

midnight-calling-anabel_s1_l1_gf14061t1l1_d2622129567.exe

Big Fish Games

This is a setup program which is used to install the application. The file has been seen being downloaded from www.bigfishgames.com.
Publisher:
Big Fish Games

Product:
Big Fish Games

Version:
3.3.0.2

MD5:
f7f5d994c45d47bc85d66fdb2d50aae2

SHA-1:
0e48f4250f414c5dcc53d334eeefa1d2e61c8553

SHA-256:
5fd9ec081b793c7d0721cba0a3206e83657bd15fb8fc6005af153557e397719d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:16:49 PM UTC  (today)

File size:
296 KB (303,104 bytes)

Product version:
3.3.0.2

Copyright:
2007-2013 Big Fish Games, Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\midnight-calling-anabel_s1_l1_gf14061t1l1_d2622129567.exe

File PE Metadata
Compilation timestamp:
12/6/2010 12:35:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:mYLSFJPOFlJ6vksWNYWiZGTvR6WmbPbn6r/Lu0gh9RGDeAMzRBMDdjK:T8Jmbd6WqGrR6VD6r/dgTUeAwRBMDdm

Entry address:
0x3249

Entry point:
87, EF, 69, F5, 70, F9, DD, 82, 57, 55, 80, C1, 33, 0F, BF, C0, 0F, B6, C6, E8, 16, 00, 00, 00, F7, C0, 37, 68, A1, 3A, B3, 59, 81, C9, 6B, C5, 7C, 2C, 2B, FF, C7, C0, A7, 34, 8C, 56, 0F, AF, CA, 69, EE, C4, 24, 9B, C1, 81, FB, 9C, 9F, 00, 00, 77, 05, 1B, D5, C6, C5, F8, 4E, B5, EC, 69, F2, F5, 9E, AC, 59, 87, F6, 8D, 2E, 0F, CE, 89, EE, 46, C7, C6, 3C, 69, DC, F4, EB, 03, FF, C6, 46, B9, CA, 03, 00, 00, F7, D6, 81, E9, CA, 03, 00, 00, 87, F6, 33, CD, 81, FE, 58, 43, FD, 44, 87, F6, 8D, 11, 21, D1, 86, C9...
 
[+]

Entropy:
7.7854  (probably packed)

Code size:
23.5 KB (24,064 bytes)

The file midnight-calling-anabel_s1_l1_gf14061t1l1_d2622129567.exe has been seen being distributed by the following URL.

http://www.bigfishgames.com/download-games/30826/.../download.html?src=ogpreroll17327

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.