» strongholdcrusadersinglemultiplayerdemo1.1u.s.exe
Overview
Analysis
File Details
Downloads (13)

strongholdcrusadersinglemultiplayerdemo1.1u.s.exe

Stronghold Crusader Multiplayer Demo

Firefly Studios

This is a setup program which is used to install the application. The file has been seen being downloaded from stronghold-crusader.soft32.com and multiple other hosts.

File name:

Publisher:

Firefly Studios

Product:

Stronghold Crusader Multiplayer Demo

Version:

1.0

MD5:

e307296643da007f94ac299b6b745e64

SHA-1:

8951847b4d560991f6cc5b5776ff206f0b3a920e

SHA-256:

6ea94825333979afb31228e4c490e6b25fc5d58b703987e4dac992b9295dfd76

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/29/2024 11:51:47 PM UTC (a few moments ago)

File size:

88.1 MB (92,361,305 bytes)

Product version:

1.0

Original file name:

stub32i.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

6/16/2000 7:00:04 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1572864:9912jkr2t3w2DJx0Zagh6rPHY37+ZjmjUvhpkJpc0OU6uyB:B2g2v0tcg3Oj9pkJ+0O9uM

Entry address:

0x84A7

Entry point:

55, 8B, EC, 6A, FF, 68, 10, 23, 41, 00, 68, E0, B5, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E8, 21, 41, 00, 33, D2, 8A, D4, 89, 15, 30, 53, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 2C, 53, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 28, 53, 41, 00, C1, E8, 10, A3, 24, 53, 41, 00, 33, F6, 56, E8, E0, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 11, 2F, 00, 00, FF, 15, EC, 21, 41, 00, A3, E4, 68, 41, 00, E8... 
[+]

Entropy:

7.9994

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

68 KB (69,632 bytes)

The file strongholdcrusadersinglemultiplayerdemo1.1u.s.exe has been seen being distributed by the following 13 URLs.

http://stronghold-crusader.soft32.com/get/file/id/.../

http://www.laboratorycenterconecpt.com/oB4xCwD1FNzkya4XZkOflza9PWbWlnDXrUTHmAKLhNIh Xw84rUHHEYW wNXT1jBXVJSaTPa y3Dv4Yztl7GQ9WLQ0d2oK6iePCDg ygn21BCbHPxugwdnzyP2zMsm18CAMzDULHA3OwQSPyV24vg1ETLEkK1aqN0ydPBZBXUMjB9LUElWTzSbNgp1qiY3Hp_eGvMZlizg56Vb7Q3F_dHQrxfrHPcjijXoX 6a6C7gK962DS1JVNMH1QADTiU2AUAlCHQBQh5X PYJlZi6YuSsDEYsGJmotujtFkYw1RscJGDJflaEKDs9pr4HU18pUslMJkFiweG4iaOtWo080G86SUrDcMD0KonuavZJf7rCm6nz3nU2XPWFIj5NeMOLzq07qJ7LmnMGsp M7KWUPLwIRFKwAm7 DRLFXC3Dhv8bmue6mNWugYtOmrufL7lvxVde8lK02Kugafc4Jb5eskIP0pHFfzzgubw32GlZZH6AOWD9qdEEYuGs3IL6Tm1WQlZtT_mKWNCM7ExVR9K6 LukvGZTV69YvWYlOy6ekj GjHIY0t2xrQBeljZatxo 1fHR0tzaoW_pXx_emqquYuifx45ZkNYg==-G1AAAGQ9PT9V2obvhKYuFuuSwQYcsCe6JTiABxtj5wtiN5f7k0RNPJ2Nog3uYmEJdrZ7bEKgKKkyFMGcBW5CALlxv7dNvakY9Fc=-e

http://www.laboratorycenterconecpt.com/PSlS08PrhrGVBmYY zX S0eBFBbousr0nKwT6HPdMD6862Q2Cgs0jctW3L6eJ3cAa2_Cpw9XMvwe0wkydID4ZwujyEHxXhDgdiUIOeTi83ieCwC1KhYrg5aCboA_Nf9l5_jrShUUp3h_2gxJB_5yyFTsgYDyfBPYdXC6UnZBQ0AhjgbGXKHgeRTltJVnzrLr0EXEm0FpQM D27v7CIkzPFUE vhrjw==-G1AAAGQ9PT9V2obvhKYuFuuSwQYcsCe6JTiABxtj5wtiN5f7k0RNPJ2Nog3uYmEJdrZ7bEKgKKkyFMGcBW5CALlxv7dNvakY9Fc=

http://www.currentupdateconcepts.com/TTKcfCrU7 McUCk1Q_4UUFi9uSCiJxQ969noax64T62k5kPUxsHRcCxhH20lOD26WEaVCx0gRVR9udnA0vR9VD6 e H6Dt3FFFKxnNZUzBYKQAyUhpqTIVZzylIpIHVSrXceI R3TMvRlNW1KaxrHxg0AMe2cojZCpJQGPVACaQZ0ld3rAqSRYAWuUZtGcIMGNYc7WybsNz_OVADv2H2L1m_ot LzA==-G1IAAERPFhOP2XjnZuOUA_ZaWdo8pKvcU1aEbEygfdcad1qKaXjeErwCgdljqdsoCn26FMNAWeZ8Ag==

http://www.laboratorycenterconecpt.com/2SRu_i7B3qISy72uSok0YhUQOLS3n6LB OWJRGWsmVDyXK91FGt2C kUJOlHXbDEM11N25xmfGKTPLEpQXDQX2rRD8gP6m7oAg6AbnNFAwiSekBOKPIS3ztx BMo0HZCPuDVI3HBgCxXdwrBvjrU5KCgCuz6kikunRLa1oYumpiMztXTcZwSUN6tjPl4jYaUqlsZr_umdA4AA90JMRBnk4BuYv8MpLDXYbXUdv5eR8AglBC28Z3zqUTSsApBHR8CJaPViHPX57P1fc1nlZo4xldHs9_7mTnkb6JU8nk7SnF9ej19WRaiobvdeXSl75DSKV_6atytHDwQZAe1BowWP5o4yffmXRl8AD 9NabGZRFpEsJy0JFovYxh5EkWpzWPTEfgPvSymiGbs2tLXx6z8BHclWDoUG0YndYVJSNPYA7nimu_ayZeSD gj0biySRJiPQucn88KAErarY51gqgLPR1 CIprDRHv1nED05twGbU3kuKwlRuMbG8mLz21HCO2tH Jz0 WhCJztl_Lcup1XdqwGGcVBHqTPTDDmIBWtsqHR0sxf4n103eek Zcbtblcyx 1NyBpwxUb4eiYpPuZAuNI8e9g==-G1AAAGQ9PT9V2obvhKYuFuuSwQYcsCe6JTiABxtj5wtiN5f7k0RNPJ2Nog3uYmEJdrZ7bEKgKKkyFMGcBW5CALlxv7dNvakY9Fc=-e

http://qpdownload.com/download.php?name=stronghold-crusader

https://d1ob5g40gc5b6g.cloudfront.net/41/406295/.../strongholdcrusaderdemo.exe

http://files.freetrialdownload.com/41/406295/.../strongholdcrusaderdemo.exe

http://cdn.whitestorageocean.com/c?x=NfQYeKhsqRijmI qb4aUn9dVsoMWMWL/ T0LMOKpYKE=&c=Sxkyvk63C781GU0lusbPBHrRucfy4ieLuuv/xjST jhB78mwOAYaa8xNhUSS3tAPKEkUp9EcwRhhg5Jk2V/lig==&fallback_url=http://files-download.komputerswiat.pl/GryIRozrywka/Strategiczne/.../strongholdcrusader_demo_us.exe

http://stronghold-crusader.soft32.com/get/file/id/.../?rel=breadcrumbno_download_manager=true

http://stronghold-crusader.soft32.com/get/file/id/.../?no_download_manager=true

http://download.soft32.net/41/406295/.../strongholdcrusaderdemo.exe

http://stronghold-crusader.soft32.com/get/file/id/.../?rel=center

Scan strongholdcrusadersinglemultiplayerdemo1.1u.s.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.