home

overwatch_dump.exe

Blizzard Entertainment, Inc.

Publisher:
Blizzard Entertainment, Inc.  (signed and verified)

MD5:
374924eb1af5621ff1ef82084b5959a8

SHA-1:
83b7b300650c172c9a4c8d03854e2ac30bc17bab

SHA-256:
7494ae4bbe3ba8d25808317433689c2cf1b2acf128fc37c5cd43a68aa2a624df

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 8:36:58 AM UTC  (today)

File size:
29.8 MB (31,209,984 bytes)

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\overwatch_dump.exe

Digital Signature
Signed by:
Blizzard Entertainment, Inc.

Authority:
Blizzard Entertainment, Inc.

Valid from:
8/16/2013 5:43:34 PM

Valid to:
8/9/2043 5:43:34 PM

Subject:
CN=Battle.net Certificate Authority, OU=Battle.net, O="Blizzard Entertainment, Inc.", L=Irvine, S=California, C=US

Issuer:
CN=Battle.net Certificate Authority, OU=Battle.net, O="Blizzard Entertainment, Inc.", L=Irvine, S=California, C=US

Serial number:
00D398195A05DC9955

File PE Metadata
Compilation timestamp:
6/23/2016 3:57:54 AM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
786432:xZ1I9/p/H7ZkCpxmQ8z8EL8HkJO9ee9OpqAWtDB:z4PvMwOSv9FOpUtDB

Entry address:
0x1591A44

Entry point:
CC, D9, F8, 94, 66, 57, EB, 77, EE, 90, D9, 6F, 77, 60, DE, 16, A6, CA, 03, 38, E4, DB, 1E, 79, 44, F1, 1C, 64, 12, 72, 43, 7E, 80, C2, C9, 79, 41, 54, 4B, 90, CE, 97, 57, 24, 37, 74, 0A, 85, 6C, 56, 5D, B7, 82, 45, 51, 07, CB, 32, B7, 8B, F9, F0, 26, 56, F7, A2, 9A, 42, CD, 1B, 6D, 91, 7A, 6A, 36, 0A, 2F, 99, A4, 1E, B4, 7F, ED, 74, 9C, D0, 8C, 00, 5F, 21, 91, 26, CC, 04, EE, A6, EF, 66, D4, B0, C8, 67, 42, 3C, 96, D8, 90, 02, 56, F0, 02, 57, D6, 0A, 46, CB, D7, 80, 46, 67, CA, D1, 84, 5D, E6, 93, 69, 79...
 
[+]

Entropy:
7.7515  (probably packed)

Code size:
23.3 MB (24,382,976 bytes)

Scan overwatch_dump.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.