» papyrus's big christmas adventure.exe
Overview
Analysis
File Details
Downloads (11)

papyrus's big christmas adventure.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from itch.zone and multiple other hosts.

File name:

Version:

1.0.0.0

MD5:

5ea7c14508d2a7050e36d8c725293e85

SHA-1:

a614863376176dc59aff241c2bc44b068e8951af

SHA-256:

f0f824572c6438173f4001e4935c4474db4d08006c39beb8b7ac18dc7beebe1a

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/23/2024 11:35:55 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Malware.RDM.27!5.21 [F]

23.00.65.16101

File size:

16.8 MB (17,583,616 bytes)

Product version:

1.0.0.0

Original file name:

WEXTRACT.EXE .MUI

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\papyrus's big christmas adventure.exe

File PE Metadata

Compilation timestamp:

10/14/2013 12:50:27 AM

OS version:

6.3

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

393216:kFF3WvAAjxgLacyZ53yt+sfw/NTyzhoY8wjpvsgiCPWWZDxMo:BvAsxZ5Ct+yAAiYn+giuLJD

Entry address:

0x67CC

Entry point:

E8, 07, 0B, 00, 00, E9, 05, 00, 00, 00, CC, CC, CC, CC, CC, 6A, 58, 68, 68, 75, 40, 00, E8, BD, 0B, 00, 00, 33, DB, 89, 5D, E0, 89, 5D, FC, 8D, 45, 98, 50, FF, 15, 70, A1, 40, 00, C7, 45, FC, FE, FF, FF, FF, C7, 45, FC, 01, 00, 00, 00, 64, A1, 18, 00, 00, 00, 8B, 78, 04, 8B, F3, BA, EC, 88, 40, 00, 8B, CF, 33, C0, F0, 0F, B1, 0A, 85, C0, 74, 07, 3B, C7, 75, 16, 33, F6, 46, 83, 3D, F0, 88, 40, 00, 01, 75, 17, 6A, 1F, E8, 30, 09, 00, 00, 59, EB, 43, 68, E8, 03, 00, 00, FF, 15, 6C, A1, 40, 00, EB, C8, 39, 1D... 
[+]

Entropy:

7.9987 (probably packed)

Code size:

25.5 KB (26,112 bytes)

The file papyrus's big christmas adventure.exe has been seen being distributed by the following 11 URLs.

https://itch.zone/itchio/upload2/game/48516/138625?GoogleAccessId=507810471102@developer.gserviceaccount.com&Expires=1458913241&Signature=a cKNWYozbUZXyxv0CmHnKXRgiG/4uHkiUnOhVPBew4iukyuyFk6Uy2sW0HjKc9j6MiO/.../oUxEORHEJNdFpVw0Qxe FMUXg4BSg6WpxxanGPE=

https://w3g3a5v6.ssl.hwcdn.net/upload2/game/48516/138625?GoogleAccessId=507810471102@developer.gserviceaccount.com&Expires=1476490063&Signature=QLkOb5UdfUErv3MgD3engwd3kpy5mdXLd18XJT7RVe8KHsq4cqiXJY5UczQ4AModRwuBKolzolv731QlluocW 1E3AZsBhP9wXoOJxJwDVYa //.../e9V0dNUlG5oIBpq2dEYAOZJ7Km Vv9l4L0jZWn6I 7RCMZn9QPxlZg9U=&hwexp=1476490063&hwsig=48ed12e19af32b78a186c9e2a7832327

https://itch.zone/itchio/upload2/game/48516/138625?GoogleAccessId=507810471102@developer.gserviceaccount.com&Expires=1470072143&Signature=Q6H4HLdmIkAKNvS2Ig0B rnSM/X v6acRRax/9xiYwUzLfzPO7CfFcOiIi5cC1 yaEsYOYw7tFaZJ/.../4cIpeLbhOQo qnh3tKOgPtwUXfN8eKFhLlzf6EKR95BF7QAyfH1xv0os=

https://itch.zone/itchio/upload2/game/.../138625?GoogleAccessId=507810471102@developer.gserviceaccount.com&Expires=1475845370&Signature=b84rdRMLVPIFrxUZTFv352f2GaL5T6 R3Ez9ZlhyRp2c3N8jrdoAEX8tBX 1wL5jlsZEVkYmjKe7ExXrSq8eDbL5xrTqSZ2bUgMdL6 PbmEqKquMSgQpg1fAgCJAr1TZtT9xWPt 0MPtBaK5G1aRX1kPsinvozORl6zETVZlt4w=

https://commondatastorage.googleapis.com/itchio/upload2/game/48516/.../VESNdFF 0iWHo1jCydT n rPWM1IkMFs5rn4ZXv5hCvdDlc4gots41s8JGH1hgYhjWr9yJBoZq5sLxzGNObC1vpVP2UbJTBKh4JxeNu1lEsuSwGpSQjKh7ApUgRUfbBJoamDPp6cw=

https://itch.zone/itchio/upload2/game/48516/138625?GoogleAccessId=507810471102@developer.gserviceaccount.com&Expires=1454622731&Signature=me3nId8x QDLZkh5WqO/oQH /yMFffg4v4at55cTE1a3vwmjJePgVfoN6rf4Y21LpIOosDx5jZjDsOPx2SIL2hfdtU0/OTQW0IkHKAXo/r3JbGMhaF3mOuCA hMf AljoWxcAXZTxd/.../CxZSKhmNCC1jo4MlSz7sVU=

https://itch.zone/itchio/upload2/game/48516/.../zogkDLjwS4JZutHgKvECSUazgQ=

https://itch.zone/itchio/upload2/game/48516/138625?GoogleAccessId=507810471102@developer.gserviceaccount.com&Expires=1455392673&Signature=e/ynHPsdQwwOhcZDI0e1sXHog/KsK2U4MS83OH3mRM8lVBDA8D17JfRdss0stHJ0eH3Za/cqKKGt4WPxSFYEpiJp/.../H4x1XugX 2InnNWfIIkk77MnH3ALnbJNvoDs1IvuDP9FP4ieJWXFqq5YfwWEySkkgxjIMDp4cfjd0o=

http://commondatastorage.googleapis.com/itchio/upload2/game/48516/.../4FHQ6smNxWLvWmleY6Qcthw22lFEIZR2jjW8u7wniVB4NfRCGPzZTbdZjXDKfc4=

http://commondatastorage.googleapis.com/itchio/upload2/game/48516/.../wMwV7WqtQHNm26foWaaVCBEJkttPDHLUygnYomn1GQN vebmywOx9JQyG jtuyvn3r6Bsmvn6Si04q1GDcFAdujznyI=

http://itch.zone/itchio/upload2/game/48516/138625?GoogleAccessId=507810471102@developer.gserviceaccount.com&Expires=1450737500&Signature=lP2mcJPkhRixa18G2 BNTCxCnlqN4RmCNhWjRrOe 5w1deMTxZIa 9TNJAv6hgfP6ng7wux6KPPzBAVo6EDj5OU4rosvrACK8rGjKp4niPumLirAZCAD b2R4E/.../dWZA3CcuTXdanL7lcnPTE=

Scan papyrus's big christmas adventure.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.