simulator demo.exe

MetroSimulator

Scan simulator demo.exe - Powered by Reason Core Security
Product:
MetroSimulator

Description:
MetroSimulator 0.5 beta 3.5.2

Version:
0.3.3.0

MD5:
9fda1ad09aeba71a8a13040b8e2754fc

SHA-1:
6d971092eea4abe45ff52d28b94a44d2b77296d2

SHA-256:
9525fb00c8d77715741a5eef783f37e068c41fde385d694e41e578afa51f7019

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/5/2016 3:40:40 AM UTC  (today)

Scan engine
Detection
Engine version

McAfee Web Gateway
Heuristic.LooksLike.Win32.Suspicious.N!86
7.7103

File size:
2.6 MB (2,692,096 bytes)

Product version:
0.5b3

Original file name:
Simulator DX.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\metrosimulator\metrosimulator beta\simulator demo.exe

File PE Metadata
Compilation timestamp:
5/24/2014 7:35:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
49152:VY+8j7twswArdyQ19Fdcfq1GAjLQxwGck8ZzCQ:VY+8j7twDArdyYFUqYAjsp8n

Entry address:
0x12A0

Entry point:
83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, 0C, F5, 68, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, 40, F5, 68, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, 2C, F5, 68, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 8B, 0D, 74, 02, 67, 00, 85, C9, 74, 38, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 10, 67, 00, E8, 08, CF, 1B, 00, 52, 85, C0, 74, 23, C7, 44, 24, 04, 0E, 10, 67, 00, 89, 04, 24, E8, FB, CE, 1B, 00, 83, EC, 08, 85, C0, 74, 09, C7, 04, 24, 74, 02, 67, 00, FF...
 
[+]

Entropy:
6.0768

Code size:
2.4 MB (2,551,296 bytes)

The file simulator demo.exe has been discovered within the following program.

MetroSimulator Beta  by MetroSimulator
Publisher's description - “Metro Simulator is the beta version of this metro simulator. In this version the route has been extended and new functions have been added. Because this is the last version this route is being used, the world has not been filled more.”
sim.bemined.nl
16% remove it
 
Powered by Should I Remove It?

Scan simulator demo.exe - Powered by Reason Core Security