subway_surfers_eng.exe

Cat-A-Cat

This is a setup and installation application. The file has been seen being downloaded from down.upf.co.il and multiple other hosts.
Publisher:
Cat-A-Cat

Description:
Subway Surfers 1.0 Installation

Version:
1.0

MD5:
a92df4feed8856659184ea3562ab44a4

SHA-1:
c4bbe6d4ae86cac7c43f2cfea2bd3ad70b6b7ac5

SHA-256:
524b0819f07a9406e07e61db5cb34e476b76ac061782672bc0e50ecc979ffd88

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware free.

Analysis date:
4/25/2024 8:34:50 PM UTC

Scan engine    | Detection              | Engine version
Norman         | Suspicious_Gen4.CFACQ  | 11.20140128
Total Defense  | Win32/Jorik.KJ         | 37.0.10498

File size:
22.4 MB (23,498,217 bytes)

Copyright:
Cat-A-Cat

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\subway_surfers_eng.exe

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:VX0SnGNOdPy+RUqoTXN2QDv3tOOiprUFjvAqguUdMkP6yRSaCZv2aOFYAVVajFKK:50Sd7UqoT9PgOUruYuOM8GN2aOFhmj4K

Entry address:
0x25468

Entry point:
55, 8B, EC, 83, C4, F0, B8, 88, 53, 42, 00, E8, 24, F2, FD, FF, B8, C8, 54, 42, 00, E8, 2A, 1C, FE, FF, 8B, 15, 40, 88, 42, 00, 89, 02, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, 48, 88, 42, 00, E8, E4, D3, FF, FF, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, DC, 87, 42, 00, E8, 7A, 64, FF, FF, A1, 40, 88, 42, 00, E8, AC, 4E, FE, FF, E8, DF, E0, FD, FF, 00, 00, 00, FF, FF, FF, FF, 01, 00, 00, 00, 2A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.9854

Developed / compiled with:
Microsoft Visual C++

Code size:
145.5 KB (148,992 bytes)

The file subway_surfers_eng.exe has been discovered within the following program.

Subway Surfers 1.0  by Cat-A-Cat
Subway Surfers is an endless running game in which the object is to run one's hooligan character as far as possible through an endless game world by avoiding randomly generated obstacles that require the player to jump, duck and/or dodge the oncoming trains.
www.company.com
3% remove it
 

The file subway_surfers_eng.exe has been seen being distributed by the following 38 URLs.

