home

Setup.exe

Downloader

Aeria Games and Entertainment

This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from download.aeriagames.com.
Publisher:
Aeria Games & Entertainment  (signed by Aeria Games and Entertainment)

Product:
Downloader

Version:
2,1,0,0

MD5:
53e6947fdc4aff7691bb45a92cccb60f

SHA-1:
5962d0a7432058437a4a6361a4a2a0038137204f

SHA-256:
a5a2904a0833450f2350ee034eb57d55cfb8a103d25b3db9d0b14a352578faa3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 2:52:38 AM UTC  (today)

File size:
544.1 KB (557,152 bytes)

Product version:
2,1,1783,0

Copyright:
© 2012 Aeria Games & Entertainment, Inc.

Original file name:
Downloader.exe

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Aeria Games and Entertainment

Authority:
Thawte, Inc.

Valid from:
1/24/2012 7:00:00 PM

Valid to:
1/24/2014 6:59:59 PM

Subject:
CN=Aeria Games and Entertainment, O=Aeria Games and Entertainment, L=Santa Clara, S=California, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1A25B9207D56560561E712462DE87F87

File PE Metadata
Compilation timestamp:
10/4/2012 1:28:41 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:wRmKkq8geE7MB3L4VGgVSYJd+5aT+E90NSj9Ms5GH8dkIaki:wQKIjE7U8VGqJd+IT+tNy+s8hei

Entry address:
0x21871

Entry point:
E8, 0A, 72, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 83, 65, FC, 00, 56, 8B, 75, 08, 85, F6, 75, 16, E8, 50, 11, 00, 00, 6A, 16, 5E, 89, 30, E8, E3, 45, 00, 00, 8B, C6, E9, 0C, 02, 00, 00, 6A, 24, 68, FF, 00, 00, 00, 56, E8, 2E, E8, FF, FF, 8B, 45, 0C, 83, C4, 0C, 85, C0, 74, D3, 8B, 08, 8B, 40, 04, 89, 4D, F0, 89, 45, F4, 83, F8, FF, 7F, 16, 7C, 08, 81, F9, 40, 57, FF, FF, 73, 0C, E8, 09, 11, 00, 00, 6A, 16, 5E, 89, 30, EB, BC, 83, F8, 07, 7C, 0A, 7F, ED, 81, F9, CF, 26, 41, 93, 77, E5...
 
[+]

Entropy:
7.1972

Code size:
197.5 KB (202,240 bytes)

The file Setup.exe has been seen being distributed by the following URL.

http://download.aeriagames.com/files/games/fr/tribesascend/.../tribesascend_fr_downloader.exe

Scan Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.