» TERASetup.exe
Overview
Analysis
File Details
Programs (1)
Downloads (17)

TERASetup.exe

TERA

Gameforge Productions GmbH

The program is a setup application that uses the Inno Setup installer. This file is installed with the program TERA. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

TERASetup.exe

Publisher:

Gameforge Productions GmbH (signed by Gameforge Productions GmbH)

Product:

TERA

Description:

TERA - Setup

Version:

MD5:

8aefa197eb9042330f7a76625d8180ab

SHA-1:

0657329c3381cc0c10653b4f438afbe8a510f9a1

SHA-256:

bea77b2c1e6236cdff2cd358b6fd44aa535381c87ff4c4c8ee08c145a9186003

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/19/2024 8:44:09 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Suspicious

7.1.1

Trend Micro House Call

TROJ_GEN.F47V0423

7.2.214

File size:

14.7 MB (15,366,160 bytes)

Product version:

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\terasetup.exe

Digital Signature

Signed by:

Gameforge Productions GmbH

Authority:

Thawte, Inc.

Valid from:

1/21/2013 7:00:00 PM

Valid to:

2/21/2015 6:59:59 PM

Subject:

CN=Gameforge Productions GmbH, OU=-, O=Gameforge Productions GmbH, L=Karlsruhe, S=Baden-Wuerttemberg, C=DE

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

42FECC8F9CFE66B20BDC38000C770330

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

393216:j+QwfqlQ/dqvqBLji10ndRXjJnOjHQJbWxfhzn8KIX0xUk:3IqlQ/ovAiadzeHQJCHzn1IXq

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Code size:

39.5 KB (40,448 bytes)

The file TERASetup.exe has been discovered within the following program.

TERA by Gameforge 4D GmbH

TERA (The Exiled Realm of Arborea) is a 3D fantasy themed MMORPG developed by Bluehole Studio. TERA has typical MMORPG features such as questing, crafting, and player versus player action. The game's combat uses a real-time battle system that incorporates third person camera view.

www.gameforge.com

About 5% of users remove it

The file TERASetup.exe has been seen being distributed by the following 17 URLs.

https://dw.uptodown.com/dwn/-DmHawPyakIgXUjxRxceGbgQVEL3SwY5Ud8rb_1spZOxv7Sdqkx47aD0W2uz6MGu9FOkdE3M1H0x8DX93eAI6CHALZ62tZK-FVPiXrxzQIXsUsDr8T7B2uNadxyrxgn8/zWR2wAnTTOUnOzGslG-2BR80C-8imW6yrgacn_QIRHZRVNVaoLBTTufdxzQ2elpWN9WVC94ykKoXjVc-NqU5_wCrZudp-IaNrbC7UtoAW4QQctpmZlEVUwkkHeoDyg_F/jzmvvXU6YXm_5a0bBMXTd6Eg0CIZgmM_OMKqEQG1mWwXaxa2mRqMhwBMR99gLFPPVVTZ3HZC6iUANuh8jFJ_M77OUDOWH-GomozDkIy8zTP1kp2vbOCmVYr6ialyVX5m/.../

https://dw.uptodown.com/dwn/hN21dXjiQ8-Wm1gfGH-c1WXwOia6WBx7Qoa3uIq6t-TdS3gUcC0uAG8mk1uJfwMxr4VSSP3RFpDkxEQr3Q9HvAQ7VysxpACmmsoM7DWGUVL1TNrX_qplw_wP3GIqARyo/Nn4Lb1RP3cWsXceBqCQY6PCQAw_DOT-9ve6BLLN87YckwXym3eG00MzvxMzexo_FAZbtx3KlDiUWB4sFeGWtm8ABhgkmaDu-d4rAXlZw9nK0Ow9-rmZDLA8qn-nw1uTe/MWnN4jCi1Ap5vXRrbMDqksJnx8POm6eGKuD70fPZXnOSxrB6hU-cnVk18kJvVloze2XquNnIVGKOlyILSO-7egeQWLSi_j0q5V11uZJOEHMKMXwdWRcVXqiptGJXVSll/.../

https://dw.uptodown.com/dwn/wqwGSh-OViM-nGm4azMC8EQ5k2yxu5RItzl7pGt3bmARSv0rOfiz39CoPBC-aTyjFNNIkB66xGDDxwcycITHpBnSjWrCetbLYZOXXczPUvwIimfvqZDEVm5xmD9QSfFo/_w85Jr65hccJr0BI67x0G-76SZ5R-wNRvJ6FGMi-iSwpq4CMwDyz4i8a1jrNVD-VBjKu1NBqg8jVsxN6QaDPpPsEjUosSlfv_PnjuXgtitOH1Zq2t4QgMBQ5oivkvujn/KnrxNIw84MnfPIb-t6TxrRODkxMSzixCoBKd_jQdocigd0hK4hWr_iuhAspPzkRes6AzUmaJhQie0C18HEfoFvTRPUrzu7f6drG6CjxiuyQV5v2OesraYXoATgwtyQQr/.../

http://dw.uptodown.com/dwn/7q-4TeXblM17G5UU6rWgwW4wDdbE8dHaeZA0tCtXtpRyLLEkdyovu2SIuJ6iLzmCLUgc4oEnZ_m3XfGevIs8CW8UT450oivNWlahOqLwAyfK9WB1vxerL-L3lAW0BpE2/Z8gSsLZI8EMOIiWfEVuEoc2RfPKEmkL7b3YWpT72mvmndnJISbcHbKgwq1avICH7xBpME1cxhBo3pp3vUIu8UNrhsvhV0ro0iLJ-YsGPZ2_62NXB96eU-h3F27mxp7na/.../

https://dw.uptodown.com/dwn/wtXSKy4i9EqwFWGxwTBflZvxHIZqWzdcj0dR1r1ch68H0kLdkVxyhp4XlaGL3ef0YwRAZIKNJliao4JufRPnN2tbTwUJU5DiAomR8t-cUNrivYGgR2QX_SzCynaFixr9/00iV_vue62v-Oxzm0zigKdCAW_9d9yUJlIilT0mSn9JO3Gqjk6NFfkb9U6hgTzsLRDcg7L3KvlMwazqysPC7yEd7N831NIIzHUR1lnPlw1Y7QiS0fWZUziN85TpAegQV/Dktvyxm8Myaz2o1zIchMw5KoHvBLg3dnD5MoZMYHLBCNKvz1sSnUBs04ce82zQpxp7s6Cfyj9aMCCqTG86iGhlqLv1V9MeraLd9N8UMEVq7wUVLd4jKb0TBgcJSGNe5B/.../

http://dw.uptodown.com/dwn/DeJXE0f1Q0eMHsxnQRqFth5cVx6bBOPlxrySkE-sBSF7HMvcbLkjor3GuDnPN-pDwl2N2LEosvliou3siBWYdRrXxvP1ECb-gHD-UIPuSUVS4R3cLIaJFTGxw7GeoTgK/BQJK8NJqWMCG8C79SJRu3LCjCFrPTmdWOW_rX_LFZP6Cbi3BBx7sgTtYIiS5m082BxN6JxeJJh35XG-V05OXg5QKghrIgD2YQQ26JTyZFf-EQFY3D_J2ZexPIOo21grF/.../

https://dw.uptodown.com/dwn/Z4GABrEjGmOsKszoLyzBR7hFe8B8F4WoKYU53jm5XIjAX-baectFvIa7DxHrMqjMlSfrKWvD45hSjGGOQCf1vix-fWhf0_wZbA4C3ixRXkMKfYymQ8jPHH6VAuwHJ62E/X7MabxgHpXTmTLUb8oVmXf4-zkmJUmfNi_jxe5zGdpeiecCjCwluNaA5dln0xUyR6ZBW33YRWE4TRe6V2TO9GxMv6jg847vULu_SrVh49jXweRLsF-TAFZUg8OhE0l0p/Rc3HV1fM3v6ovmFdbH3alPEzrG4hE2UU0hfm8ie_bryhBYCMdS4CPXdJeMX80y6_qP3uWPKPqf0nn3fRr0Ls0Wt6Ty9E6YCLUliFuqArG-JDGk3TC_5GKbamgRVhhfdo/.../

http://r2.computerbild.de/exec/r2r.pl?m=w-cobi;u=http://d.computerbild.de/downloads/.../TERASetup.exe

http://dw.uptodown.com/dwn/dIjtTDZJbBgRBYhb0k3x7FWlnNZfQQoQYN4KFXqTNuQ_huAJQbVFQ3_WrpFjMrm3VY1e5nE7ilMcfTeqS2X-RkRwwP90rGNSXil650pZ3Vt6Kvukl3W9KLBgvmWEq7Eu/-JsrbgGI4SOaiGjZ46_iiVzUfUhMvOSws2teCyQA0iiEpPYvAf_4O2RU3_f8OqhTAaD4-yOsNGY83Rg-6G9okdHL0SvlJR5AJKcBhOJqf361_tRl6xCQgVAWdm3uPcGt/.../

https://dw.uptodown.com/dwn/YrIDRB1ZbUDXKK0_c9bIvlfvxo9-XupJ2RGzihJknPIf8f_rInXKapO_3GEMcRh56w-WRSknDnuIDHophxKc1CiSLySEz3t12E2byQM-59R2tb5RPNuye4iBY5qUZ19c/9M7s0QbWVYJjFppYS2J6ZHtKYPZ70B4Kf3D4d1IhUuSA2xfs3RM0WgC8zm6oxDujM6CdrOnxiwFJbxIhtPeNIoz5HIBLBXR5nyiWdyd8iaP3SvqN_xfQCUzFSX6255AI/IBevFvqsczyc6zCm2iTR-2MjdGPOZVV0Afatoq7MAzrJFhvwJ4SHZBLgeM2V2nPgZQKJ2nUB9JDx2VwyX4PUV27n-7kSlJ2wCHitlVXzH9aeaYHXm1tcyAI2MFXQm-e8/.../

http://dw11.uptodown.com/dwn/pmlaRJeiw0tXMrAFX4qk1YD7cs580mgdzBvvYag76xc3JIKdd53hiA_6DTGEYWPEri3FOi5sZ_0zmGnEpn-ywj-xPbkTLG8Xgbt3k95SZIacJYFBOdxYN1nTf8lWMuOq/lT6W-qIcpD3iiAOTqgwHXIDfdyAb_3a_9gEITMBPDM2Y9VGQXMyneTbqBe8sHjoT8L0AFwuLammnufCVy3-HIUytALphezUAMWUCMgdKO4uFYDv14KBLob0q8huUm0tx/.../tera-rising-en-fr-de-win.exe

http://dw.uptodown.com/dwn/vJW0XYBZIKBvuDiDYb0_J1u9COBtci5tDFJL5f26icdEOti9dvcmTOsIomltFNGTyRY8GylFVSWJdSH1utMpESfPsirwR9S4NAf4s9WNNBdrjCrjtKdJ8uuQP0s0jJPY/biY3Vq3t0P4yY0zCrp6-AwqEZMAP5ikUzbI-ngpenGm-E0xj5feyEqk91BWmuJvF7ir7YxjtEhWTRXHozyxF7RaU7LBhkwZ0sYKzgn8uJleSKiBmrJRGuHckolFKeRnh/.../

http://dw.uptodown.com/dwn/MR4XJII40Cvn6cu0DNDk0jfDL5-nBrA0SdmWCBwhf5FgnzRfK8GFw6zmOiVGIUL2Ol40Rm-rm5fazr18uVjbz3XF7lfOCkELUEg--DhUSI6_HrcQCTUrpj9yCH6uthZ5/lD1d6ZuCiyrWkyGoWlJ1d3IvfglAeRAR8hzYvUMN7tkX7_QQaF9evdsUbqjfXPXndpizroZWWByn_AkHTzBW9Og3W4WlLZrNUKb6obDCQlVamtzGAMN8ZKeT27l-EjLH/.../

http://dw.uptodown.com/dwn/mAOSBZFDnhQ1NDL0XXiBzlJvoc1sovHsUDUem5KwgQz83uFo--3WHb6yisnm-eVzDy5CA7fUhLZBVOy40AnPvG6wCFfH_Yi5GarDXjnVSZSoErPSyzNjroCnAU-Z-Dxn/ouVhh5Z_GpsaA9dDO26pknhktHmEjrk0dgVO5G2DjQz1Yo_3jt_sD4i9FsHyXwZ3XhA_COS4qRTKBPbENrccaZGC9vAt5H2NRdK3oI7Fywtno2SjnS3TLMSk96_rf_-N/.../

http://91.74.184.36/.../TERASetup.exe

http://tera.en.softonic.com/download

http://download.frogster-online.com/FOG/.../TERASetup.exe

Scan TERASetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.