home

quraishpatch(v1.3.0).exe

InstallShield

Macrovision Corporation

The program is a setup application that uses the InstallShield Setup installer. The file has been seen being downloaded from quraishgame.com.
Publisher:
Macrovision Corporation

Product:
InstallShield

Description:
Setup.exe

Version:
12.0.49974

MD5:
93fca22d19b954bb387675f6cbfe49d3

SHA-1:
339d8f416aa3e74cc029bc65df1b82666900b55c

SHA-256:
69778a7c1dc03dc928b1bd5a4d553a61cde698426bbb0eed1d8158f235c64531

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/7/2024 3:52:42 AM UTC  (today)

File size:
3.3 MB (3,441,125 bytes)

Product version:
12.0

Copyright:
Copyright (C) 2006 Macrovision Corporation

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Installer:
InstallShield Setup

Language:
English (United States)

File PE Metadata
Compilation timestamp:
5/24/2006 6:57:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:LTHc9lxKh1zImd0D/cPUIJ5RdsD4Qajmn9aTHc9lO6X:LkARw/EUILE4djnkZX

Entry address:
0x22A29

Entry point:
22, CA, B4, 00, 0F, BF, C5, C6, C0, E1, BA, E9, 85, 2B, 6E, 69, DF, 75, DE, 10, 0B, BD, A9, 78, 42, 59, B6, 17, 69, EE, 2E, 2C, CA, 40, 0F, AF, F7, 85, CF, 0B, D6, FE, C5, 2B, C7, C6, C2, BE, 2A, CE, 89, DD, 0F, B6, DE, F6, C6, 0D, 6B, DB, 00, 4E, 0F, B6, F5, 77, 09, 0F, AF, C5, 69, FD, 46, 50, 7E, 1E, 81, C3, DB, FC, F3, FF, F2, F3, 28, E8, 81, C3, 26, 03, 0C, 00, 84, CB, 87, C9, 0F, B7, C2, 86, D2, 81, FB, 74, 03, 00, 00, 0F, 86, CC, FF, FF, FF, 80, E0, D9, 80, C6, 8B, E8, 1E, 00, 00, 00, 88, CB, 0B, D1...
 
[+]

Entropy:
7.5817

Code size:
276 KB (282,624 bytes)

The file quraishpatch(v1.3.0).exe has been seen being distributed by the following URL.

http://quraishgame.com/.../QuraishPatch(v1.3.0).exe

Scan quraishpatch(v1.3.0).exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.