home

Setup.exe

Legacy Interactive, Inc

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This downloadble file is typically blocked through Google's Safe Browsing technology in Chrome web browser. The file has been seen being downloaded from www.legacygames.com.
Publisher:
Legacy Interactive, Inc  (signed and verified)

MD5:
836e835deebd1d302c01bd8431f57f5a

SHA-1:
599e9d1532e9921f8d63010d09a1f7134dda0654

SHA-256:
6f7db00c7cdb9fffc0aa72065c11e476517fab26ad81e73c3da7d6a4f247e8df

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/5/2024 1:28:55 AM UTC  (today)

File size:
545.6 MB (572,075,560 bytes)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Legacy Interactive, Inc

Authority:
COMODO CA Limited

Valid from:
9/17/2015 5:00:00 PM

Valid to:
9/17/2016 4:59:59 PM

Subject:
CN="Legacy Interactive, Inc", O="Legacy Interactive, Inc", STREET=2684 Lacy st., STREET=Suite 208, L=Los Angeles, S=CA, PostalCode=90031, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008B5AC8A9B99E697293C0AD9C86832F22

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12582912:+24xJYnjZLvKSMfpaqnW9y7vrR3jtJ8fAl6+g+Y4VgkgBl:+dkjZLtMxfnh7BpJ8Ig+DJ1O

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
8.0000

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file Setup.exe has been seen being distributed by the following URL.

http://www.legacygames.com/genrePlatform/download/.../579

Scan Setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.