home

tera.exe

TERA

Bluehole Studio

This is a setup program which is used to install the application. The file has been seen being downloaded from mega.nz.
Publisher:
Bluehole Studio

Product:
TERA

Description:
The Exiled Realm of Arborea

Version:
2.0.1.1

MD5:
f67d0ce7368f1539a2a24a083c023b67

SHA-1:
820bcc994a763d93cb614cebfdcbadd486dad7af

SHA-256:
b2303e7cdf562cbf39db1fac4f3057fde1ec910cc1e516c97019b4f32501ea0a

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 4:34:15 AM UTC  (today)

Scan engine
Detection
Engine version

Sophos
Mal/EncPk-OJ
4.98

File size:
10.2 MB (10,729,984 bytes)

Product version:
2.0.1.1

Copyright:
Copyright (C) 2014 Bluehole Studio

Original file name:
TERA

File type:
Executable application (Win32 EXE)

Language:
Korean (Korea)

Common path:
C:\Program Files\gameforgelive\games\gbr_eng\tera\client\binaries\tera.exe

File PE Metadata
Compilation timestamp:
2/13/2015 6:27:06 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:vtYtk3aQid6vfIKiPYbMHcQkPFitPjremSyPtotaOvprYUE3T9JGg8oBeqWLnIu0:vt6k3aLMIK1bMftPGZyPeQcBWT9VeqWq

Entry address:
0x25A9000

Entry point:
68, 00, 00, 00, 00, 68, 01, 00, 00, 00, 68, 00, 00, 40, 00, 68, 00, 80, 9A, 02, E9, 00, 04, 00, 00, CE, 21, 00, 00, 00, 00, 00, 00, 20, 21, 00, 00, 36, 21, 00, 00, 4A, 21, 00, 00, 5C, 21, 00, 00, 0E, 21, 00, 00, 7E, 21, 00, 00, 8A, 21, 00, 00, 96, 21, 00, 00, 6E, 21, 00, 00, 00, 21, 00, 00, 00, 00, 00, 00, B4, 21, 00, 00, 00, 00, 00, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 6B, 65, 72, 6E, 65, 6C, 33...
 
[+]

Entropy:
7.9783

Packer / compiler:
PKLITE32 v1.1

Code size:
23.9 MB (25,093,120 bytes)

The file tera.exe has been seen being distributed by the following URL.

https://mega.nz/temporary/.../1JdiBTjK

Scan tera.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.