» pcgamestore_setup.exe
Overview
Analysis
File Details

pcgamestore_setup.exe

Gamestreamer, Inc.

The executable pcgamestore_setup.exe has been detected as malware by 3 anti-virus scanners. The program is a setup application that uses the Nullsoft Install System installer.

File name:

Publisher:

Gamestreamer, Inc. (signed and verified)

MD5:

cfb58adb6938e4f302fa6f6ddac409cd

SHA-1:

8005eabf3071bd7b3d09ce1166deb2404b5d0047

SHA-256:

196fe7e6452393f8bb77a5205767b42bbcbc20d6f00194f89cc54127fa57b53a

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

4/25/2024 10:23:23 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.CDB

1.3.0.4959

Reason Heuristics

Threat.Win.Reputation.IMP

16.11.29.19

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.24.3

File size:

212.1 KB (217,184 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Nullsoft Install System

Common path:

C:\users\{user}\downloads\pcgamestore_setup.exe

Digital Signature

Signed by:

Gamestreamer, Inc.

Authority:

The USERTRUST Network

Valid from:

3/25/2010 11:00:00 AM

Valid to:

3/26/2011 10:59:59 AM

Subject:

CN="Gamestreamer, Inc.", OU=Catalog/Software Engineering, O="Gamestreamer, Inc.", STREET=240 N. Washington Blvd, STREET=Suite 200, L=Sarasota, S=Florida, PostalCode=34236, C=US

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00B4BB0995C55A92A47333C82533ED805C

File PE Metadata

Compilation timestamp:

1/5/2010 11:09:37 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.56

CTPH (ssdeep):

3072:tPXX7Nld9S3BJE45ez21v0aAU/faxkFN14KSAGvW8JRt0Ndu0XiU2b4uzc7eniZD:tPq345vBkFgKoxpku0XiUI4wmeniP5/

Entry address:

0x3E3F

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, E8, 30, 59, 00, 00, C7, 04, 24, 01, 80, 00, 00, E8, D4, 55, 00, 00, 53, C7, 04, 24, 00, 00, 00, 00, E8, 3F, 59, 00, 00, A3, 28, 09, 43, 00, 51, C7, 04, 24, 08, 00, 00, 00, E8, 27, 32, 00, 00, A3, D8, 09, 43, 00, 8D, 85, 84, FE, FF, FF, 52, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 4C, B2, 40, 00, E8, 69, 58, 00, 00, 83, EC, 14, C7, 44, 24, 04, 4D, B2, 40, 00, C7, 04, 24, 08, 0A... 
[+]

Entropy:

7.7054 (probably packed)

Code size:

34 KB (34,816 bytes)

Remove pcgamestore_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.