home

setup_ladbrokescasino.exe

install.exe

Microgaming Software Systems Limited

The application setup_ladbrokescasino.exe by Microgaming Software Systems Limited has been detected as a potentially unwanted program by 5 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program Ladbrokes Casino. The file has been seen being downloaded from casino.ladbrokes.com and multiple other hosts.
Publisher:
Microgaming Software Systems Limited  (signed and verified)

Product:
install.exe

Description:
Install Program

Version:
16.6.1.11212

MD5:
51e5da000e4b02fe79f92be70e33cded

SHA-1:
30af7146c01ca70ece905cd2b089c790a400c5e2

SHA-256:
57afab624e57d96d0ee5e2bed72b18e99d108b3cf5adba76ef43e5352278cfc3

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
5/2/2024 7:36:41 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
GAME/Casino.Gen
7.11.138.10

ESET NOD32
Win32/PrimeCasino (variant)
8.9565

Fortinet FortiGate
Riskware/CasOnline
7/1/2014

F-Prot
W32/Casino.P.gen
v6.4.7.1.166

VIPRE Antivirus
Casino Software (not malicious)
27562

File size:
692.1 KB (708,720 bytes)

Product version:
16.6.1.11212

Original file name:
install.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup_ladbrokescasino.exe

Digital Signature
Signed by:
Microgaming Software Systems Limited

Authority:
Entrust, Inc.

Valid from:
3/24/2011 11:59:35 AM

Valid to:
3/25/2013 2:25:01 AM

Subject:
CN=Microgaming Software Systems Limited, O=Microgaming Software Systems Limited, L=Douglas, S=Isle of Man, C=GB

Issuer:
CN=Entrust Code Signing Certification Authority - L1D, OU="(c) 2009 Entrust, Inc.", OU=www.entrust.net/rpa is incorporated by reference, O="Entrust, Inc.", C=US

Serial number:
4C16EC30

File PE Metadata
Compilation timestamp:
4/15/2012 8:07:06 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:GPqlDAbt2HGn1dlrRe0eBkjvKghJqmMIAnImToN2LHQI2HLsbMwuako:GCrHGn1bYlkjv5hJ3MIAnImcN2L8HLsj

Entry address:
0x48018

Entry point:
E8, F8, 86, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C...
 
[+]

Entropy:
7.0121

Code size:
355 KB (363,520 bytes)

Program Uninstaller
Program name:
Ladbrokes Casino

Display version:
16.6.1.11212

Uninstall string:
C:\Microgaming\Casino\Ladbrokes\install.exe -uninstall


The file setup_ladbrokescasino.exe has been seen being distributed by the following 3 URLs.

http://casino.ladbrokes.com/.../direct-download

http://casino.ladbrokes.com/.../direct-download

http://casino.ladbrokes.com/direct-download

Remove setup_ladbrokescasino.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.