» neoseekerinstaller.exe
Overview
Analysis
File Details
Downloads (2)

neoseekerinstaller.exe

Overwolf Installer

Overwolf Ltd

File name:

Publisher:

Overwolf (signed by Overwolf Ltd)

Product:

Overwolf Installer

Version:

1.31.4974.25804

MD5:

7e5fe238aa7a5a39a25823057d3cbbf8

SHA-1:

c388c0dfe70aff1fae6605c71380e0948764633f

SHA-256:

dfa76330a333fe5e22a348674a9ef2982263c3758a1df203eed393421064909c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/24/2024 11:50:24 PM UTC (a few moments ago)

File size:

953.9 KB (976,824 bytes)

Product version:

1.31.4974.25804

Original file name:

OWInstaller.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Digital Signature

Signed by:

Overwolf Ltd

Authority:

COMODO CA Limited

Valid from:

12/25/2011 6:00:00 PM

Valid to:

2/10/2014 5:59:59 PM

Subject:

CN=Overwolf Ltd, O=Overwolf Ltd, STREET=Halechi 27 st., L=Bnei Berak, S=Tel Aviv, PostalCode=51200, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

02E4635116A814330262E360005D60EB

File PE Metadata

Compilation timestamp:

8/14/2013 9:20:10 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:KmgpfFw1qnjNj2K01U9zxWLZDfv2RykF8r57P/nuRR:KmgHwgjNj71zxWLZDfv2wkF4LuRR

Entry address:

0xE82C6

Entry point:

FF, 25, D4, 82, 4E, 00, 00, 00, 00, 00, 00, 00, 00, 00, A8, 82, 0E, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1A, 92, 0B, 52, 00, 00, 00, 00, 02, 00, 00, 00, 84, 00, 00, 00, F8, 82, 0E, 00, F8, 64, 0E, 00, 52, 53, 44, 53, C8, 05, EA, 66, F7, ED, EC, 48, A3, CA, A4, 59, EC, 01, 7D, DB, 01, 00, 00, 00, 43, 3A, 5C, 4F, 76, 65, 72, 77, 6F, 6C, 66, 5C, 53, 6F, 75, 72, 63, 65, 5C, 4F, 76, 65, 72, 77, 6F, 6C, 66, 5C, 49, 6E, 44, 65, 76, 5C, 4D, 61, 69, 6E, 44, 65, 76, 5C, 53, 6F, 75, 72, 63, 65, 5C, 4F, 57, 49, 6E, 73... 
[+]

Entropy:

6.0221

Code size:

921 KB (943,104 bytes)

The file neoseekerinstaller.exe has been seen being distributed by the following 2 URLs.

http://download.overwolf.com/NeoseekerInstaller.exe

http://www.overwolf.com/DownloadInstaller.aspx?partnerid=3336

Scan neoseekerinstaller.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.