» superbike-racers-downloader.exe
Overview
Analysis
File Details
Downloads (1)

superbike-racers-downloader.exe

GameHitZone.com Download Manager

Gamehitzone Inc.

The application superbike-racers-downloader.exe by Gamehitzone has been detected as a potentially unwanted program by 2 anti-malware scanners. The file has been seen being downloaded from www.gamehitzone.com.

File name:

Publisher:

Gamehitzone Inc. (signed and verified)

Product:

GameHitZone.com Download Manager

Version:

1.0.0

MD5:

6ce0c8fea5bb0a162c3e74fe3449ae95

SHA-1:

6807c03ba11bd8f6a5dfe02154567c76e827580d

SHA-256:

04894ed4d5fcca5cd658fdceac70e2ab6aa97988a37437cc93628eb9d99cb83b

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 2:07:48 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Gamehitzone

15.1.18.17

Rising Antivirus

PE:Malware.Downloader!1.9EEC

23.00.65.15116

File size:

906.9 KB (928,616 bytes)

Product version:

1.0.0

Original file name:

1111.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\superbike-racers-downloader.exe

Digital Signature

Signed by:

Gamehitzone Inc.

Authority:

GlobalSign nv-sa

Valid from:

10/14/2014 10:46:02 AM

Valid to:

1/14/2017 10:46:02 AM

Subject:

E=abuse@gamehitzone.com, CN=Gamehitzone Inc., O=Gamehitzone Inc., L=Belize City, S=Belize, C=BZ

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121CE11F3B8C23214B9089ECDD724159825

File PE Metadata

Compilation timestamp:

5/6/2009 8:36:57 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

24576:ULrz+FijTEJNI0fTNS5nsAef8JCL0J2HU:Gz+Fi2LNS5nsAefiCLHU

Entry address:

0x82272

Entry point:

E8, 1D, 79, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, DC, 22, 48, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, FC, FC, 00, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0, FD, 8B, 4D, 0C, 89, 41, 04, 64, 8B, 3D, 00, 00, 00, 00... 
[+]

Entropy:

6.3986

Code size:

640 KB (655,360 bytes)

The file superbike-racers-downloader.exe has been seen being distributed by the following URL.

http://www.gamehitzone.com/.../superbike-racers-downloader.exe

Remove superbike-racers-downloader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.