home

the forest demo - installer.exe

GTAVDEMO

Acer

This is a self-extracting archive and installer. The file has been seen being downloaded from download1995.mediafire.com and multiple other hosts.
Publisher:
Acer

Product:
GTAVDEMO

Version:
1.0.0.0

MD5:
015d3f58a603804f3c85347dd12ce1a9

SHA-1:
29119541b0eeeda3d0cc50ccb748f579c66ee2df

SHA-256:
6d3c02007e56d9a0ab1b6c44f5f985c1871eecafc835aeecd20bf6e77f30fe4d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 7:26:22 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
Suspicious_GEN.F47V0803
7.2.15

File size:
1.6 MB (1,723,904 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Acer 2013

Original file name:
GTAVDEMO.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\the forest demo - installer.exe

File PE Metadata
Compilation timestamp:
6/6/2014 6:48:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:ahGfFuOH8w4Ae6ZY2H3MIUJnfY5cUuj+EQngqXMjWN:ahGfFuOcwE6ZYIcDJnRjJQgVO

Entry address:
0x18D6BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.5 MB (1,619,968 bytes)

The file the forest demo - installer.exe has been seen being distributed by the following 13 URLs.

http://download1995.mediafire.com/1i03ba1hf0qg/.../The Forest Demo - Installer.exe

http://download1357.mediafire.com/mw8hveb1qlug/.../The Forest Demo - Installer.exe

http://download1995.mediafire.com/65vio789lvdg/.../The Forest Demo - Installer.exe

http://download832.mediafire.com/t7qhd1ajvkdg/.../The Forest Demo - Installer.exe

http://download1078.mediafire.com/rd818vqyidfg/.../The Forest Demo - Installer.exe

http://download1209.mediafire.com/r148ilf5s76g/.../The Forest Demo - Installer.exe

http://download1209.mediafire.com/xutqi9nrhaag/.../The Forest Demo - Installer.exe

http://download1209.mediafire.com/0z0wk4efp0jg/.../The Forest Demo - Installer.exe

http://download954.mediafire.com/jbu6fkonvwjg/.../The Forest Demo - Installer.exe

http://download633.mediafire.com/kpups4k8s8bg/.../The Forest Demo - Installer.exe

http://download1209.mediafire.com/axa4go9ewlug/.../The Forest Demo - Installer.exe

http://download1357.mediafire.com/oqyouy8bja1g/.../The Forest Demo - Installer.exe

http://download1237.mediafire.com/m8t1iyarle4g/.../The Forest Demo - Installer.exe

Scan the forest demo - installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.