» wow-4.0.0-wow-engb-installer.exe
Overview
Analysis
File Details
Downloads (9)

wow-4.0.0-wow-engb-installer.exe

Blizzard Installer

Blizzard Entertainment, Inc.

This is a self-extracting archive and installer. The file has been seen being downloaded from www.laboratorycenterconecpt.com and multiple other hosts.

File name:

Publisher:

Blizzard Entertainment, Inc. (signed and verified)

Product:

Blizzard Installer

Version:

4.2.0

MD5:

d552e7d36c84a95f03be31cf4ca8f435

SHA-1:

f9433f1617ee990efcf49115050ac5611a35c2ae

SHA-256:

0f55a0799944a4dc3011ee7fab3ae216ffbcd33565d08544f63b00bd33c7bcb8

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 5:18:18 AM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

Heur.Suspicious

17930

File size:

30.9 MB (32,448,800 bytes)

Product version:

4.2.0

Original file name:

Installer.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\wow-4.0.0-wow-engb-installer.exe

Digital Signature

Signed by:

Blizzard Entertainment, Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

1/8/2010 1:00:00 AM

Valid to:

12/6/2011 12:59:59 AM

Subject:

CN="Blizzard Entertainment, Inc.", OU=TECHNICAL SUPPORT, O="Blizzard Entertainment, Inc.", L=Irvine, S=California, C=US

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

7B715B3347BC57B25C66B34202F4A1A0

File PE Metadata

Compilation timestamp:

12/15/2010 2:40:54 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

786432:ptz5He7tvqIsF2DEfy9FmoSITnWWRbIKk:PzoU2BFgWRbI9

Entry address:

0x19D8D1

Entry point:

E8, 50, 93, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, 3B, D9, 59, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, 9D, 1D, 02, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0, FD, 8B, 4D, 0C, 89, 41, 04, 64, 8B, 3D, 00, 00, 00, 00... 
[+]

Code size:

2.8 MB (2,940,928 bytes)

The file wow-4.0.0-wow-engb-installer.exe has been seen being distributed by the following 9 URLs.

http://www.laboratorycenterconecpt.com/VetvQsq7Kc6e7LmHk9AXLp2qyFfVDgoA6TArGaF8hVfa4S8t_YEJE8GESfONvRYKyU7i3jxDCKqmrVUverqWPqo0eBFLpEOnfuQOVlblJiASvTddzFTEb DJG29jWZz3xt4EA5maUEIIeKa6YYTyAaMI3hAL1jCoMnHgfeEFsLnrc65Gk47BjBMx1kPY8ThujZ5FsrzaTFtk2NpCeqk3Mx_o39iCElyyYLnaHOgtjWgT4yq_vMZV94Gx1Ohvy_iKE8uONN3VMKUsh1njrBgmmwK4mvy6pxrdY0EuPPWpUolQLrvzv PnmyHmGOZ2ZQ6TyXe2o8Tel4VG9pggijR QJ PXkgQZqQOn_1AaEzppd2Rx3xRtNFgPlEw3eN1rVG8VWHJfXwC5xKgashHdH84fF83kqkDELz7Q1xvpQz4yFV16dIe7M8L6TkXSQ7qS FGwo2v0hA81ZmgpF10bFGjqgyIXfvBbIi0n16DWbAFs4eCOPZBt6Jw3H15NLe lV3WE9I65ndU2duxG_kyTRm_4z4ZZMrqbAUEYEbJERQuHNXvvtAIotCPt ROwgOmk 9eUKzIhAfguutpozigw0X0Sr7qIEOvWjgQrfLNAahH8WsqrCpGusc=-G2EAAMTe28d09wQhKSaJL7NdMzb8 U45YK8lQSDZQb8D6T2Hx mRUmLfdI2rj9Rmb_cOPW Y6bLIQMzqHHvrYVdv7WO HJGBAV4dmjmhKIb6BQ==-e

http://www.tamindir.com/indir/MjAxNy0wMS0yMSAwMDo0MDoxNw==/world-of-warcraft/windows/.../

http://www.download3k.com/DownloadLink4-World-of-Warcraft-Cataclysm-Full-Game-Client.html

http://www.laboratorycenterconecpt.com/avf1QsZeOV1V_NwCv82vSjF49c4ofX4IsYgkFu_zUJVHSawCdfuAr1poxaye69jLpHd9Yx585k 9koVTt1YWoMCYPWYZVZMBv4tmlSxG88l d0 lPC3gIZDUbA QjY4d7KSSLjnCObqo7ZWC4b_0JhA8UVXsc5Oz8d9s4W8KQbGydRBAchYhuMMRZxI BzgZ_ccIXpJDd1t aKCR2QI7l9jcam2azYzjtdJ5O3trN82IPxQreXLo qVn440uEB0gmE4ER11uDC3u4b0wqbyinrU3mugrmWGDVd7yJTQrC1hfPyAM6NYN6jnnA2y2OdwLM7NDX C8V9m5ha8FatSW4 ha3YGiMPGbeXd WadBnoFHUE97uQXfudvkE9bP0AboIespZOGtYI9DEzw4ctNdldXXGZJT11od LO3LLdaLC4CrzVMOH5lrq3UMDeYQQvS6LfIIA7FVWonXy0qnYhvf94tatXMY0kjjq yvlrufBHCHkDO1A5 rEMqYJqNESd8CaUP4WKacuXAqFCF0TlUrcxP2slfPQimcYVgdU6AtbBoIU 9txb0E72wFAd94qKBQASYJrcPDs4qKu0GeAlq_DUQHsnNOwQtOXFBSl283VL74mEiETQ=-G2EAAMTe28d09wQhKSaJL7NdMzb8 U45YK8lQSDZQb8D6T2Hx mRUmLfdI2rj9Rmb_cOPW Y6bLIQMzqHHvrYVdv7WO HJGBAV4dmjmhKIb6BQ==-e

http://world-of-warcraft.soft32.com/goto/file/id/.../

http://www.rgamez.pl/modules.php?name=Downloads&d_op=getit&lid=65

http://world-of-warcraft.soft32.com/get/file/id/.../?no_download_manager=true

http://eu.media.battle.net.edgesuite.net/downloads/.../WoW-4.0.0-WOW-enGB-Installer.exe

http://us.media.battle.net.edgesuite.net/downloads/.../WoW-4.0.0-WOW-enGB-Installer.exe

Scan wow-4.0.0-wow-engb-installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.