home

setupcasino_53d0bb.exe

Playtech Software Installer

Playtech Software Limited

This is a self-extracting archive and installer. The file has been seen being downloaded from banner.betfred.com.
Publisher:
Playtech  (signed by Playtech Software Limited)

Product:
Playtech Software Installer

Description:
Betfred Casino

Version:
1, 0, 0, 1

MD5:
b353ca19b4452baa96d9e9b770f4b47d

SHA-1:
d236288d08f9180615b1692d07371cb019e4d52b

SHA-256:
dbba9e4a1ae9d3e567fd0056f57d5eb538f7b9bab68c28d14faba82bb7118d79

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:08:32 PM UTC  (today)

File size:
324.4 KB (332,160 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setupcasino_53d0bb.exe

Digital Signature
Signed by:
Playtech Software Limited

Authority:
VeriSign, Inc.

Valid from:
10/22/2012 1:00:00 AM

Valid to:
10/26/2015 11:59:59 PM

Subject:
CN=Playtech Software Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Playtech Software Limited, L=Douglas, S=Douglas, C=IM

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7584CAA2377ED24D26D91034E6DE0EBB

File PE Metadata
Compilation timestamp:
10/27/2012 8:00:35 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:JppJQwsvDZ/8ZfmjNQYoO9CwK71O26kUm3GyKOmmLMGPL:ExEmjCGU71/6kP3DKERL

Entry address:
0x33B7C

Entry point:
B8, 20, D7, 59, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, C5, A3, D6, 35, 47, FB, 73, 0D, 18, 0D, FE, 17, 1B, 48, B0, D7, 1A, 8A, DA, 34, A7, 8C, 68, 45, 8D, 15, EF, 7B, BF, 2E, A0, 6B, 82, C1, B3, 90, 7A, E5, 61, 39, FB, FB, 3C, 48, F6, 00, 4A, 6A, B3, AA, D9, 10, E6, F3, B3, B7, 7E, 8F, 51, F5, C7, B0, CC, 4B, F7, 27, 2E, 64, 9A, 75, 19, 6D, 10, 04, B7, E9, 3B, 2C, E5, 21, F5, 2A, 3F, B6, 0E, A2, BF, F0, 8F, 4F, D6, 6E, AB...
 
[+]

Entropy:
7.7673

Packer / compiler:
PECompact v2

Code size:
331.5 KB (339,456 bytes)

The file setupcasino_53d0bb.exe has been seen being distributed by the following URL.

http://banner.betfred.com/installer/.../SetupCasino_25ed.exe

Scan setupcasino_53d0bb.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.