home

overwolfinstallerrobocraft.exe

Overwolf Installer

Overwolf Ltd

Publisher:
Overwolf  (signed by Overwolf Ltd)

Product:
Overwolf Installer

Version:
1.39.0.0

MD5:
62bbad9f28dd02d3f6b2a0a89325c985

SHA-1:
c01a9386d82999ab25fbc9728a55ed14e15714cd

SHA-256:
4907673125af8c9e1d25077dceff6c39d25c1eeee60267d6d62eaae80fa02b15

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:12:51 PM UTC  (today)

File size:
1.5 MB (1,600,320 bytes)

Product version:
1.39.0.0

Copyright:
Copyright © Overwolf 2014

Original file name:
OWInstaller.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\overwolfinstallerrobocraft.exe

Digital Signature
Signed by:
Overwolf Ltd

Authority:
VeriSign, Inc.

Valid from:
1/15/2014 7:00:00 PM

Valid to:
1/16/2015 6:59:59 PM

Subject:
CN=Overwolf Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Overwolf Ltd, L=Tel-Aviv, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
46ABAE1C12336BCAD02EAEAE2A1BFFB1

File PE Metadata
Compilation timestamp:
9/23/2014 9:32:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:Pi1QzP6Zw4lAjNj71hFs8reVfk8oa+LabzwOrg0V6T:q1+P6Ojl1hFs8reVfJoa+LaXwQY

Entry address:
0x180126

Entry point:
FF, 25, 34, 01, 58, 00, 00, 00, 00, 00, 00, 00, 00, 00, 08, 01, 18, 00, 00, 00, 00, 00, 00, 00, 00, 00, 66, 76, 21, 54, 00, 00, 00, 00, 02, 00, 00, 00, 89, 00, 00, 00, 58, 01, 18, 00, 58, E3, 17, 00, 52, 53, 44, 53, 09, 3A, 1C, 7C, 86, 54, 69, 42, 9C, D0, 82, 9E, CB, 40, 3B, 35, 01, 00, 00, 00, 44, 3A, 5C, 53, 65, 72, 67, 61, 79, 5C, 4F, 76, 65, 72, 77, 6F, 6C, 66, 53, 6F, 75, 72, 63, 65, 5C, 4F, 76, 65, 72, 77, 6F, 6C, 66, 5C, 49, 6E, 44, 65, 76, 5C, 4D, 61, 69, 6E, 44, 65, 76, 5C, 53, 6F, 75, 72, 63, 65...
 
[+]

Entropy:
6.0434

Code size:
1.5 MB (1,565,184 bytes)

The file overwolfinstallerrobocraft.exe has been seen being distributed by the following URL.

http://download.overwolf.com/OverwolfInstallerRobocraft.exe

Scan overwolfinstallerrobocraft.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.