home

pokersetup.exe

Playtech Software Installer

Playtech Software Ltd.

This is a self-extracting archive and installer. The file has been seen being downloaded from banner.mansionpoker.com.
Publisher:
Playtech  (signed by Playtech Software Ltd.)

Product:
Playtech Software Installer

Description:
MansionPoker

Version:
11.2.38.0

MD5:
70f90ce24e6437d4dd6699fb373dd3f0

SHA-1:
e95cf2cc552f94b6684ee50a7aa447b952e2dbca

SHA-256:
a419861575b4113f330fa415ef54db98806b8cc4193d2fb05c58eead1ee956e9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:04:41 AM UTC  (today)

File size:
473.9 KB (485,248 bytes)

Product version:
11.2.38.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Language:
Swedish (Sweden)

Common path:
C:\users\petand\pokersetup.exe

Digital Signature
Signed by:
Playtech Software Ltd.

Authority:
VeriSign, Inc.

Valid from:
10/22/2014 2:00:00 AM

Valid to:
10/22/2017 1:59:59 AM

Subject:
CN=Playtech Software Ltd., O=Playtech Software Ltd., L=Douglas, S=Isle Of Man, C=IM

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4BCCAA7A2D896D3B2B5214ECAEE92EEA

File PE Metadata
Compilation timestamp:
12/13/2012 3:21:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:6jQBTTO+USClWquIed81HjjPPF5Xi4hfM1PifklJEZqU7OfpA0u+4utdVX:GQBTSw4vHfXF5Bh01KfkwZctf

Entry address:
0x348BC

Entry point:
B8, 30, 3B, 5F, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 3B, EA, A5, 9F, 6A, 36, 47, 37, 32, B7, 9F, F9, EF, 79, E4, 84, B7, 58, 35, 61, D1, 19, EB, FF, 06, 9C, CA, E1, C6, 6C, 01, C3, AA, 79, 45, 15, 3F, 6D, A8, 91, 3E, 9B, 6E, 59, 6C, B5, 8F, A9, A6, 12, 46, 72, A7, 92, 66, 39, BA, 35, F0, AE, 94, 29, 13, 08, 05, BE, 0C, 98, 7C, BA, ED, 31, 1D, 31, 01, DB, 24, 8D, DC, B4, 1D, EC, 57, 6B, E4, AC, BF, F5, 0A, DB, A5, 8D, A5...
 
[+]

Entropy:
7.7419

Packer / compiler:
PECompact v2

Code size:
335.5 KB (343,552 bytes)

The file pokersetup.exe has been seen being distributed by the following URL.

http://banner.mansionpoker.com/.../SetupPoker.exe

Scan pokersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.