home

setupcasino_287ec6.exe

Playtech Software Installer

Playtech Software Limited

This is a self-extracting archive and installer. The file has been seen being downloaded from banner2.casino.com and multiple other hosts.
Publisher:
Playtech  (signed by Playtech Software Limited)

Product:
Playtech Software Installer

Description:
Casino.com

Version:
1, 0, 0, 1

MD5:
b38d0b2402179fe7c08c3504668b2678

SHA-1:
00f56e6d2626bdef98e1708ef802fbfcb8f94761

SHA-256:
6933bfb94214f62f0090ebc7d533358240ae6e32f4d3693701416d66525ab1ba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 3:38:44 AM UTC  (today)

File size:
628.8 KB (643,896 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setupcasino_287ec6.exe

Digital Signature
Signed by:
Playtech Software Limited

Subject:
CN=Playtech Software Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Playtech Software Limited, L=Douglas, S=Douglas, C=IM

Serial number:
7584CAA2377ED24D26D91034E6DE0EBB

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
12288:+wuiLhBqaUngp3XgmFdNvvJbsuipryyme43fRj8irgJti0uIp5:LhB4vYvJbBwYDrga0uG5

Entry point:
B8, 98, FF, 74, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 39, 00, 7B, DE, 11, 11, 1A, AC, AE, 0B, 80, 9D, FB, EC, 67, CD, F6, DD, 47, 87, 9D, 7A, 6E, 6C, 4F, 6F, D0, 1A, D0, EB, D1, 65, 2F, F5, DA, 08, 3A, 5B, 33, 16, 51, 19, BE, FD, 25, F0, 8A, 2C, D0, 3F, D7, 5C, EA, 6A, 2C, C8, 9A, D7, 13, 9D, 95, AE, 56, E2, 78, 77, A2, 8B, 7A, E2, 6E, 44, 6F, C5, 3A, A2, 99, 2B, 99, 82, 56, C1, 65, D5, C0, 27, 3F, C8, 91, AF, 99, 32, 29...
 
[+]

Entropy:
7.4291

Packer / compiler:
PECompact v2

The file setupcasino_287ec6.exe has been seen being distributed by the following 4 URLs.

http://banner2.casino.com/installer/.../SetupCasino_697681_sv.exe

http://banner2.casino.com/installer/.../SetupCasino_7865ed.exe

http://act.casino.com/redirect/.../

http://banner2.casino.com/.../SetupCasino.exe

Scan setupcasino_287ec6.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.