home

setuppoker.exe

Playtech Software Installer

Playtech Limited

This is a self-extracting archive and installer. The file has been seen being downloaded from banner.izipoker.it.
Publisher:
Playtech  (signed by Playtech Limited)

Product:
Playtech Software Installer

Description:
IziPoker

Version:
9.4.20.0

MD5:
e9facf84f94723a35a4d6f6a89a4dc31

SHA-1:
9be5218a7d32d5c9988c1c5dc167e6fa31dc6282

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 10:26:31 AM UTC  (today)

File size:
234.3 KB (239,936 bytes)

Product version:
9.4.20.0

Copyright:
Copyright (C) 2001-2009 Playtech

Original file name:
CasinoDownloader2.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\utente\documenti\downloads\setuppoker.exe

Digital Signature
Signed by:
Playtech Limited

Authority:
VeriSign, Inc.

Valid from:
8/24/2010 2:00:00 AM

Valid to:
8/25/2011 1:59:59 AM

Subject:
CN=Playtech Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Playtech Limited, L=Douglas, S=Isle of Man, C=IM

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2377638F84B41CE9745E716AA64ABF99

File PE Metadata
Compilation timestamp:
9/2/2009 1:54:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
6144:b6ZmkWkr9eZX7RwlH2/8UcR10gBiPXo/9rv/C7Id+TPX+MZKAl:DBS9eZX9w2/8UcH0jP45vMP1ZKAl

Entry address:
0x2DDDB

Entry point:
B8, 44, 91, 4A, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 96, 11, D0, A0, 45, 3F, 7D, 7A, C1, FF, C2, A4, 9E, A5, 1C, A0, 14, B1, 25, E4, 71, BB, 14, B2, FE, 5F, 46, 8A, 28, 63, 3C, 99, 59, 2C, CE, 17, 48, FC, DD, 33, D3, 0B, 5F, 85, 42, B5, 36, AD, 78, 69, 00, 12, 1B, 0B, 1C, 7D, CC, 1B, 87, FB, 0B, 68, E2, DF, 54, 96, 8A, 12, 56, 30, 09, FD, 5B, E9, 25, 4A, C6, C7, B4, C3, 25, B2, 94, A4, F5, 63, D6, 3F, FA, 78, B9, 9F, 64...
 
[+]

Packer / compiler:
PECompact v2

Code size:
260 KB (266,240 bytes)

The file setuppoker.exe has been seen being distributed by the following URL.

http://banner.izipoker.it/installer/.../SetupPoker.exe

Scan setuppoker.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.