pokersetup.exe

Playtech Software Installer

Playtech

This is a setup and installation application. The file has been observed being downloaded from banner.everestpoker.com.

Publisher:
Playtech

Product:
Playtech Software Installer

Description:
EverestPoker.com

Version:
11.2.38.0

MD5:
4d7134cec842c800a10e308b6d495a4d

SHA-1:
1414c2c8bfc8d7cbd509996a457a6b48ce60f3c0

SHA-256:
8792968e40f90d8854013fa674b325434a4af7222bb72a7fff8e04736fa62b5e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:29:33 AM UTC

File size:
362.8 KB (371,552 bytes)

Product version:
11.2.38.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pokersetup.exe

File PE Metadata

Compilation timestamp:
12/13/2012 3:21:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:ujvW/yjqTTO+USXSL5WquIed8jhbHjjfnno3tj+KFhjmS9kPGyrx6n/ahqO:ujQBTTO+USClWquIed81HjjPo9fFYQkj

Entry address:
0x348BC

Entry point:
B8, 80, BD, 5A, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 7D, EA, F6, 6B, 28, FC, 0D, 51, 14, 6E, 77, 06, FB, 1E, 8F, C0, 35, 00, 6B, C1, 89, 9D, F7, 9F, 53, 4B, 35, 92, 23, 67, 7B, 12, E9, 35, 46, 7A, 2B, E0, 35, 10, 98, EB, 10, 4B, 11, 42, 77, DC, 3B, CA, AD, BC, 30, 2B, 02, 90, 2F, E9, CF, F8, BA, B4, 5D, 98, 50, 4C, 80, 7B, 53, 25, B7, 8F, 2E, 6D, 73, 56, 4B, AE, 39, DE, 63, 08, AB, D4, 28, 2A, 72, 7C, 29, 72, AA, A3, 0B...
Packer / compiler:
PECompact v2

Code size:
335.5 KB (343,552 bytes)

The file pokersetup.exe has been seen being distributed by the following URL.
