home

Game.exe

TianLongBaBu

Beijing AmazGame Age Internet Technology Co., Ltd.

The application Game.exe by Beijing AmazGame Age Internet Technology Co. has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Changyou.com limited  (signed by Beijing AmazGame Age Internet Technology Co., Ltd.)

Product:
TianLongBaBu

Description:
Dragon Oath

Version:
0, 50, 0, 0

MD5:
1ddd46a41b2bdd242a66d77e4f40f754

SHA-1:
e93b65c913e5a91f2791178218345d10f7e93967

SHA-256:
96aea5e01afdcfbe879c50282d64816d93d46a4fe7b94f7b12f8f2e48c957be1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
5/16/2024 4:41:45 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.BeijingA
17.3.6.21

File size:
1.2 MB (1,265,784 bytes)

Product version:
0, 50, 0, 0

Copyright:
(C) 2008-2009 Changyou.com Limited.All Rights Reserved

Original file name:
Game.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, China)

Digital Signature
Signed by:
Beijing AmazGame Age Internet Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
4/28/2009 1:00:00 AM

Valid to:
4/28/2012 12:59:59 AM

Subject:
CN="Beijing AmazGame Age Internet Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing AmazGame Age Internet Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
131E7EB34A7DB63E08A235718EEF6849

File PE Metadata
Compilation timestamp:
10/23/2009 9:52:57 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

Entry address:
0x1000

Entry point:
68, 01, B0, 77, 00, E8, 01, 00, 00, 00, C3, C3, 28, 57, 08, FB, 13, 1B, 2D, 0F, 92, 00, BC, 93, 60, 11, 69, 5D, 45, C3, AF, 3C, 04, F4, 52, 1D, 1D, 9D, 24, 31, BA, BE, 5B, 23, 49, 80, C5, A1, 4A, 5C, F4, C9, 11, 92, 75, 95, ED, 8B, A9, 3F, 0C, 0E, 29, 20, B7, 99, 91, 23, 38, 07, 5A, AF, B2, 04, E0, 95, 71, 27, 18, 14, E5, 30, 85, AB, 7F, 8A, 1A, F6, C8, E8, A7, 97, 33, EC, 79, D6, AF, 4B, 3A, E3, 22, FB, 11, EB, ED, 8A, 3E, 0E, 7A, FB, 55, 6A, E4, E8, 91, D9, 95, F7, 58, 0E, 6B, EF, 0C, 9D, A1, 93, E5, A7...
 
[+]

Entropy:
7.9528

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
2.7 MB (2,879,488 bytes)

Remove Game.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.