» call_of_duty_special_edition_screensaver.exe
Overview
Analysis
File Details
Downloads (27)
Network (1)

call_of_duty_special_edition_screensaver.exe

Call Of Duty Special Edition Screensaver

ScreenSaverGift.com

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

Publisher:

ScreenSaverGift.com

Product:

Call Of Duty Special Edition Screensaver

Version:

1.0.0.0

MD5:

6f2e5b29534627cb7f1bdf06da342429

SHA-1:

c30662105c587f87add3890461a1f15ff57dc282

SHA-256:

617712ac54703ba8bb40daff5bb7c1f1c6315e260579a0ea0cfce4f2b32594a1

Scanner detections:

3 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/23/2024 5:05:30 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Toolbar

7.1.1

ESET NOD32

Win32/Toolbar.Babylon (variant)

8.10526

NANO AntiVirus

Trojan.Win32.StartPage.degehx

0.28.2.62483

File size:

29.9 MB (31,331,009 bytes)

Product version:

1.0.0.0

Trademarks:

Original file name:

Call Of Duty Special Edition Screensaver.exe

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\programas\call_of_duty_special_edition_screensaver.exe

File PE Metadata

Compilation timestamp:

12/5/2009 8:50:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:L6cdkVXCAYAjfy6mvIwpT77GR9XtY5ER/Cs:mcdo06mQwpTmPdY5A6s

Entry address:

0x30FA

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file call_of_duty_special_edition_screensaver.exe has been seen being distributed by the following 27 URLs.

https://dw.uptodown.com/dwn/sTSEusLtxAVGI8fzpQjlb_m6LT1L_rbQwDXzyTlbsmtFbHRlpMHmyF195sbCFvwrwToxVFfl5As-GTQcvfwfptWdyBXLQipESSo-t-JCyqcpioGKTHRxeJPUT54YZIq3/tn8uz2VsMzi9ybWyXSxTM_WBGGnhtxQbCl5cJHwwEh2FmEQTYJmHy_3mRyl64YJBLYbqMVrt5czibLKRiXMycIIu_NUFP7mMCC2LgVjiq6GF3GIcmsGGP3HQPTNhfH4V/PSjjm9WpNJ8rlBWC46ZrxXsJDC4YbJGf8G_WJC4Qe-ECbhrVPgnG0zQ8D_FtRCwr4wKW-P8diZRUkvETbu0v3iD1LhOeqqxyjS9tO9QBz8RoLoHICyfidOwRMpo71rZH/.../

http://dw.uptodown.com/dwn/1QB-lmHvkcNkslwZ2Ugb2-L5DYkunoHzfzfze-pxIdBqhFZ0TSz3PZ8ZszYTRnsh2jKlws83dWFKrQImYGG0IlJNtnwTutjCQZWXgKzN0q12GvhqM5h3hsQro4GQCkr2/Aycqzy1EpwY0FTRKHzhRVM3uebxri1I2X0g3XM8386hZCXnWzEIIratsQrYAfo6184hczDv0ausyMhbCHtHBMfQCkdKQVxrIfJ9lyG8hCFChprDM4hENRGVBJB50C7Tn/Z_od71TCpY0o_dMqzg0nBdQSMcaOjmDuCXTn_vui4U7ox3ANv912SV8lQPp9iWJIkQyIf63mg6VoZzcubNNPj_E_SoRvD1ZaZN1ZaVezO6fdnbFBbSzEhXPNoqWzK3a7/.../

http://dw.uptodown.com/dwn/RSE_Ax0oqZEw_VwMRR8-FWlULhQE-beEiG6V-zdsqEEwj_RggzSFFEa9itp6umFpclOrvHVDg1hNBtpHaVGA-S-normc-EJUMYEjp4C3XEoTCJWEyc2Z70aCJjzXl7Qc/7Y57TVgxNk3rbbAcy4odSdUDmNJiMcgww76NmnWDvuQGgCOBiwkBROoI8EU1DAk5vi7fKqpFwMliqZ88cK0FauALTIjSxutNgAWiPzOu4sj9zFDb1j50oIv4nniacEj8/dGEn0ySoBaWjWh3Uq17-xb8KwMm-U9JJfig4KTdWfcWT7jeCuyyHff7AiAWf1WehMBXWi7px2pkL9okpeBmdyi7l59UM7qzTHdetve9zvLReF_qjtAHw74VH16Nn6T4k/.../

http://dw.uptodown.com/dwn/79QXyHexXbD-v7v2zY7nOPR56TodUpKkIz557lzEqZLdvefejxIJAYJW1Brr-fQ-DnBpq4fYiXsmt05ZE1t2cZW-P9Pac33ITWE47eyuSRFEOhVUIve7OJxI9lFZXMlW/R59XP_YTJOq5FD-lcsy4AvXJgl9R0T5dAtKJuUEvgHElGUeLEECYkG6Cvjq7hwSbL0qdnIKNNCTTQgJ3zB6JTbJkjt5W6axIVm381JjBje6ccl2yED8PmXfB04G8hmsr/4dNB8vPsBmu7xMkKaFCAAIhIQnxaSFfKd1jAZREfrVrgwXqP4OBPwX_30lt7W6nug_dghCH1nDtu5D-2kK6UuF7RFC3t8UpS-hmCa8AQZTWLyu5-lcx41229LvwoQQKW/.../

http://dw.uptodown.com/dwn/j-lPjgK_u6x-cdMYgvqeUcdgHNgpdWN0hP1aHkd2NhJra142qjXoZmYHYrbYQigDzqq8sllF5NekM4XNDa9pGujdG6LbG8ZeAY43N2chAGa3FszkXyjOLAKaogTzD7_x/Q2pF5t2HmscY0H3DQQMSpvyx6v8q2pzLtDVnisHGifK8JG6cvBsRI_xUIlt5kcNGPHtuw80ry4YreePsDJb24ppayzLSGOOtCN-mnqOBsHjVDX2mgD2I_HMYUck9cjHz/TPQBEospJBK0ubwAS1LhXjKdwb9xI1q5WkNThyp3c2KmItEEDq2AvMdUhuiJ-YkKLigCCv-HhVwluYfo_K2LkVthPSPOGbvNHcvC5tD383_BpDSUMOu9XmuOD289c_x2/.../

https://dw.uptodown.com/dwn/rEw_OLrps-qcwezQavLZLEf0G3KzMJDEApP6vDH3uEtV1XujkbsgrJrNbuFZECLys1_zZCC54k1keHQ4gRUut0Ngr0vuWLHmV9f-FoT-nzFCxfI2qh3LTc-fLZWC9g3O/ZfphmFNFmV3_jCLKso09WxDouXUJ_dBLw5RsB926d-pf6Mk0APG2lv5sTjd09HAiHu0hYuZzFWAmLT_F-0ATmsBWH2a4RDrGvWzbaq7U-g7dEPBF9M8JZL5sh3MJELF2/7ubIy0K6-1o7-hi06M4lD8yMygl_GEV8Y6OnmLKd7aoqSwOy4U1NgR3bVtXbMD4BPm9FlcxGSIvm6-9UARgip3GLSQ0gXeul8K0FmjD47gimIFLJtQlESaI1goWI-noJ/.../

http://dw.uptodown.com/dwn/l6mMLxDVYvehu6__qEatnWDjVcYh-4RljrLX7TJosWqX1CmmP25PlNmd6XTd9svKjB80mBOuihUFPHWp26CPllBS2wXdxT4SiP47F4CBzcXAt2D-g0wDhVGkHPCj-ClK/9W8W2icVLuF1ICPRnIwhKETprtNcgD7hymmoMtBR1D2uRA0_qfbFDXSFyFhRxZOWH_k6BN_X98KuVs--YWLditzA7Y03n3QKf1Uy_Gxjhd2qg7FEkhw7QtGbLj6d9jWl/tPEq2ixVX-Wjn2BgaEd3iwjhwPE4a8NbdZBKoj_-eYm5nQzaXimRBhCumJfimQhXdjc0PMZQFS1dJi4LouAs2K0fSv6y08xPc2XlkMYI0oghvjo7vkpOJOvfafBjMx5k/.../

http://dw.uptodown.com/dwn/2gGwbOexYzLJtJDPQ1FprFQHqoE8ZjN7LQxGivx4OaPbGeWw4P1HVHhE6z7HjblCc8wrYkr_FyTK6j5QPibZUTJjXqiSBZQoyzYOPGO5S-u7Uac3s3_2qWD0rSigr-IJ/QhKf-UJrxXNlwgRkF07dbZHGpuHsLa5KtcSyvbUUVefn3e8vTUV7QlOT1nD2Q5U6rjsm4s2_wL5Aq0asl1EdOwQ5AhBrHL3mqcGgXpLVIJztgy9tU2LYHw3C0gxCE0LX/pxqsX4GRf3nL84C6k2dx2NIDYZk3m58tqWowHqXCrIvngrcIubtu1jQ_QAN1XZ-tzOmJAqR9z7IsALtDxiR86ZSiKvDAmvHKkHQyUIjo4mhRdbmTyTHkoXdZp33nZRIW/.../

https://dw.uptodown.com/dwn/TFvg0L6HMkafXDrhRRv6Sv7bmIkG_UWNjXrM9U8XhqUcEYFwndeRfmaoosCYHYxwKAlGu8MBx3M1wFMWbIHX0yXbMI-Q3zaqK9k35FBeCCgkbXrWKy9_GfpcAsbXEngl/Fj024bl-kPBchZbCUTbZbiK7BgL3Epab4ufRyz8hvDaPrJhv0vR0B9YwMPlCLQVJze7D-LO6Rgrn62Bf2Wv0IEUVL1rlOFOSjZcOkpNfg7RdrsSN_199CXSf0NSdVHUg/B3a4yjiQzuWi7yOuGcgiKGeA_XbPcZEwmsnQX33WCH16JbxNfSB6WgYCw4HcfLsSVr4gdyoZBPczAoeQt5xL8Fl4wql40JlAO1PTI7vTVnXHJ-1T3tHz7OOajphQZId_/.../

https://dw.uptodown.com/dwn/ZWY68po0E67HYvolUXL2IHd3hkJ4jSLlmUwUNHMqVK6kE6Ed_nEt0S54ackl_KsNmg0po-mpPU1m15_1oAb7IuSGGE5B8Qu1lFHGqOmHQgMnZs1tpBdA--DWf4Af0cH6/INwnieKoxSzsOwXDOLrWwfMPvA54E59eQvPTbYMBVk-ensC674usmtS8U4_wF8xhO1SKan_3Upk8-2QOdv2wAGiw13kkhO5WGnbvp-Dpi8VYOqlJcQbWT9evjWAGDcWj/JVYIRvNRCB8niHyDlYjcA6fPlNL2WW-Lhx278htFAtxgiXfPYfjFKXoKNCsmVUrSuOwgQII4qI2Jhwne_cuzN7OzVGxKbUGwKF4AHofWnsvUwluFwGtQb66r5f1c9Coq/.../

http://dw.uptodown.com/dwn/ggJ-NJAOw_pmjRvJGSSShS9aGC2GFK6rpSFgWWTIfVtJh51TdAHtQyavVsCjn0rgZbBmH1xWcz8_9Ngh3RI0VqT7Zo34Gf1-H0DdetKz-v1c_ttUKbs1HqR1d6r-QCw1/UIUKJe1yBqonFt2AoftmWJLKUXfuqWgNhUIRq2IQWrT2n1CnjlAoogysFJPW98Mt3Eg-eQvpFQJXYAGplb0BBXWYLd3AThslM94jIiEbnwhVIIj2x9n3E3s7P3jsmaBh/XiPS9q0yLOZ5R_0GtnlR5muSVLEVPGEn_wyHhkg6NZaQ20dZ6c8EG5gLbtCr4uZsMbIGBs8TmNWHKlr_KEKXy6DPsYvUs6qXGMMxVfo6JIdoMnvhgv6tJDioNxbE1-Db/.../

http://dw.uptodown.com/dwn/Jn4q6vH0X898Vd7VwTJ77VVtALHjk_-AFl_cDmtDSSvQPElKrrH0Bl1PGban7GvtqDQPGqN9F45KQzJxiQ93foemyzzn58ioicogxgFG3XL-CYplOD5maobe6Hd-wSKZ/5p9zfYSAKuc8_tXKhre9oVUMBx25VlFiqJv_eBqpwibF1WEQ-k772m6JZQk_Imudkf8Xw6RSjakkgb4G9Z4S4LGHfA_T7TqdHH_yCE4JPPRXdEc8kDDDVafTrm6b1dag/lLTRqANyfcVtLHjNQIBPczc7cHl3VQvIFhN3AIEYCv6ZDtMdCp13e4vm5z9rAMRnpfV96ubiJy8MT4m-4qiYRmTK3HM8DFdXCh70GfgSdaqCHiKblKVNzBBD8KHB9s6A/.../

http://dw.uptodown.com/dwn/bWKcmeYYuT_kLDPOpxaio0IPKaWdzhoRL2VPBTC-LStE84z1eeqtmct2XdCMizyfxddhrw5r7HTupPeRxOs7Fo2gIggDeaa-Fu6tjF0woCqOxJAm7DxXMN6qaY_93dNV/xQVP8mWzXUruw7q03mA06lgSoZryaXZ6FtDibbHBMIXnXlvl38mUDv4p4B0fz7SxCyJbNGAo6fpjeCJdMWyGyJ0E36knM_uB2v5XOolwpZHI0kCfiFMrKupcByyRjgTw/fcwUY2cH0R9kPFssZPZ9wdTvH_PMrk2jzuMRjyarHNgCxPXaigJgNiemMUjmC51tgc4ztg2ir2LrZinOL9RoLh8m4B1_VOJ_xQ6zAgX2fuBRNiptOZ7Lmx-TBZhO1r8o/.../

http://dw.uptodown.com/dwn/tc1-_1PFXheTJWfEePP3oCCsFpQ_2rxHxgqMxV5YDHkDAW_CogZlyyih3K0H72QNZ6MOfkwagyjFr_R-G9x6CD4-t2KEutQecfS9KVXrtdQOvbXxTiZOFydYd7DPljpC/AwvR6HtceQCQzfn5GvXl9WTYQEQM7TK8tjBwzPj39W_cnJoUmz4W5Vxakhd50yIpdh66rfq4KxsvAV_xfOHjT75Q_jJvoEWcEuCGdZxVPxaRP0Sq68AbZw5IskRxozAM/CYDUPcllinqguGFrTiW9Ld2GrAFzN070ADn5SOdoMIGqlGzb3DX2rYCp1YC6nVjmHx_z1QNWMvU1LHMHeaqRqk1xcgMAgBAHAUcTQzs5g72dwfOBsqKPY5rfmY3DgxiJ/.../

http://dw.uptodown.com/dwn/i--oPC0QqtkHGOrr25Z7xAGQq1Mp46pcZlkDxCDRW5EvjlMEZq6l3dr7yw59Zoice6CrU5Djk1FpLMFra-IjuoRpCa2mF2G9Q1OOrnJIoUZdZfDXdgwcYQqZz8iRJXwG/n06ngc2k4plKPlRKYypUWdHC191AG2UEmW4lYmBoyTNalHBnsVO7LidQ8sAKjGWkkU4e4m6cFp6VJtaeU3zLIDHRa_xAfK-TDkbUVbxgt_kxuMb3m04ZYTEWevqm0RXh/l0ui-lDpG_fGU9d05_bYhH8Lj45bk4zm6FX-a2-uGtYoLzkRdI_wl_aVtbi27DY5aZXZLiEhoYZxN6olwQSw5E7FxrwVxW3RYGB9N8AR29JEswyYjq319JUBAfUbQhPx/.../

https://dw.uptodown.com/dwn/zo90DCLVC3bmq8-jOgKr7oAwgod0RxZMkvrTZxfvxJH3FTidE7om8M6LUXcFrVKciKNsPJLJActgIMuyr6qx2pOyUGodorLGZxeOGszebPjXgwdI6ZjYHLCaImJL7Zjb/1pioYncps7E9Pi1ucRv65E-foiqAYKdIGmGRPAMWLLtOxJtZThsc6jNWPP8miiSF0RORoClXT8Nep69VDjEnjIE1i5HkLbpkbaEAoX4h7zajwLs04Cnnay7Kfce7KoRI/tnW9eUox55rg0Gf-B2u8dYTvyKMod49R6hdoEhH09fneZxY5oXXJYKLrSNx-8b_nRNIPpUZQ0opZIoALWByejp5HwrjN-EY4EzVrWJdU6HQ7IdaGMjZSQoVwVVxhkFjc/.../

http://dw.uptodown.com/dwn/hl1L0kNxDcD99SGJGpNcXZJ7XQsNy8bmLp-tIKCUm8YTTa2VltqZGds76AdfR_STf9KJ3l8PE6sLjkwUeFG_h3_z7tbumNZLeGk1cCPGYnIHdROTT4K_kg5TrxwWia_m/DLMSpcpFOuTz0lT6YQyg7ltnakHKQfPv0YLtt2AsVRcj1Ti3pPD7c3MmFpZbOYHCpETaPI05h_CvcwxjW8vDnhSk3kwdWShCv5iUuEqTx2dTjKuI856DlruqfyL3acBL/44-KhvnkkoTDdu1hqRgD6fmM2cHQX-vHbkFHBPu8V46W3l3zUSeW9HWDIh-u1TglfbDV4WQDBeq-uzvqlIvlL94lgNCBPDsV6ofj4t3jrDB0j0AJyUIyUobHL8voMt44/.../

http://dw.uptodown.com/dwn/NVMCOwnwzN_H-GR9S1vA8kKkra7X_jWgqYzNYQfnx2D1A01GbJ3DlXggICPILmkINTTpq16JemmhmuNP6IOM75fB1whRWsMCzNLZ87SLMOJMY6CVuUmI-8Ir5YhutzH6/xjZiDsMGp3bIt2DrwvtUFuxjd-KZ3Lh_0NPeS04JpSn4An-tPrkZq7VNXIsIQMBskS3Boms5dHaMron_aR4BUwpbhyl4YokqQbzprm7S_7qlrqBjqiDRozyXulmM7IPl/zCjA8ziBmhuLqx6YCcQRbST_ddfCuDrvDGnftoAId3kjCuPiAyQ99QvlkZHINmityZYvg_X33XfjwWfu_ZqOkmZ7ab299udR8AVOo9PloMLNSJbWNOLWG9VRK2FyXM4K/.../

http://dw.uptodown.com/dwn/A1X4Y9ygyUkynGBXAyTgnesRhq9EL4oKkXPGGBPw0lRVyqxRWlg8Jv4O9n8Ua8MfJhQDLL00XiU9mKKp_1xeiFdkRHOhRVOPmyjlc4wQoMgqUApRTZTRzAyVmQDOinTH/G0SfjwrNHttOHIf8a-JmADLCX7EuPivvOI34N2i7DOFYI36HdE4AUmLegRnDPIVZxIckL3X238HWP341ZB82ZaaHyvYpMj4CaSUqKekRnso2x8sW8Wej2AugQNmCGY7s/Zo6RIOfqApctU8CU1SA3psowbCzaqcfGtcdaASyn_R1ToyQRZHU6cbbum6bRFKtzwFc4YfIi9Wn4RlM31Qaz0DkwkR3BGWeEI_Duy0_FiDrkn4VU7p8zlyVqNKU1pUXE/.../

http://dw.uptodown.com/dwn/3CHJjNTMUwbgv86fOYQa0yUXRPZ-XvNIG_d-VSlYIcuzW0G7ix_1nYoGswZfzcfXVPrtecJ83Gwy4NsZ1XOFE8Ul9kUu622TgTkSqq7Am1HD-F90LxIqLmBhuRzIvm9y/ZAEoITHbvzUNZQOMCO-wgR2ojN6Sjf9KyinxLdiqSJWLHSliA84ynt5dcLRcC5opPcln4uwt-fbhjzWjIxiuBjT5rgLbjgV5Fpbze23tSj528w54iqoneQ_qT2ZCkGS4/ZcOS7Qhqedw96Wlkg3k1OjfecTm6bZhYhKjJJM-hSFmPHlAQHFGY7mCuhai6_AEkWThNo8nc7WyCnpasgYe8wNwLJKHRzDZnd_tXp_n8uxlLs34VBMIS7Hi292kEkuiB/.../

http://dw.uptodown.com/dwn/h0EN2b03m8SMSv-PjXrY0utK0WDHvdQRsH62mUCutzj5O1HEpDKHbz4W8ewyNOiZ8o0Pl9WZsnX3ytWDihwSWHYjZfGu_ZVzFKbNzrBdwbstscFoHDWiFW6-i9sAkypD/ESjRe2pYrIw5sjXRwEpc4x9pvQknT-DD6u8lCVTAtD2lyTj6Puxoth_tLbj3IyjLEYRkCg3MNcNljBhGvbjqoiXHQnjLNw5RB1xGRkkEW3yamOwmUxSfSArT1DrSTl6A/GlrfPyHbuRgh1aOLclh7IBg23t9NHCs7ieU4fZ8w7rjdcVpB78z17cXVtbwSjVCHUIM-TNS9P6tLT_DCWGu3mAmgqfypmArsFvspOGnwco8FoK3rTWK5cJod-8kBaL3j/.../

http://dw.uptodown.com/dwn/1DDQ_qduxranIgoa2EaItAqNGThfJ-F_Vd4f2AbPTG6BtiupwHvWTMTGUPZuNJO-h7sWHPpIVqd_bOXwxCEPcOvrD7iSNs2FC9FBtC-cGh8lKUHhJ5wLFBhsXfKN-8OB/kEXw5ebFkhOuae_O56l-hwUfMZe-erFZcXgtjZkZuT5Sb5TAq1npZgub-oHnLzVnVXuiFgVgK4xe1f_erCBnlTh4v4dxqyJEn-GgjWA_Sl7GC_Eg5Y17J8_YsD7ek8JD/7YJCfsKMvAvR6k_z4BeSTLeM-GikWL8rlsdCOJWMsFX4Fbtk1pAGDsKprEvAM4bmDOTYwBHKwDkDIbuUcOTQ3cZ0EVUnOiWv7qbmaC3qDVKB2nT6TGyrJQcMurOHplsi/.../

http://dw.uptodown.com/dwn/WzFmby0wY0MSj5r_cUf-6fCVlv8cNn29x46Tzq4-dVbH0QLmIcOwjau_XgYg7Mrktwtx1cTy092uQXFdlGrWZhQYXMdzssDFiHruWJ0AAHkNOnDdURomYYCePnFAslUu/XyxGdO8cIk5nmGgjqzqAVnWtdPMqHN1D3F3ftDKAqfXkZhJkl__kmVA19YpeyoqgaDrYBwIs0vTV14_ibSvS7IbshPy5HFOIidfpp0FaSUzerIE_zziVM23f69NzTLtO/EHgqvrSFloQMk4zD5qpRm92ML9wCgUl1FWg5ITYQ4FYdirgmsvZfrwB5GuGO5i7axdd9njsHZc6-WDuaRuJO7LCHiyDveWPTLakYbS7ftT6Zni1Xisk5HxRmfpJD5mfx/.../

http://dw.uptodown.com/dwn/F0R5IP_woAxWeYJWxxyZSXsD2T1h5iQwC7EUIFZRlyVerLV5Ganb3eAg81UqrL5uKqk6AM25BiKQbFlzbNGt9OaLbWUoHP0FfqqsjaOsmHSkeigJEhWKaKeD2Bdm_e8_/AUcEkE-0bPixATtMQVf6GQlhQGA9jWpL413BVAsWKWeuvgEIMKcITEoG02ElRYQAARs2D95hITLEKt_seV-1zgTYCz3YV52ggJca8dZ2WabQVQyPOCqOdyvk_YXnEWAL/.../

http://dw.uptodown.com/dl/1429186099/.../call-of-duty-special-edition-screensaver-1-0-en-win.exe

http://dw.uptodown.com/dwn/B5fYNfgIcC94nM_5-YeOLMMcvXwx3W02_JPyRZaXXJxECS37i3rNcYiD9xRZLb74mbELWyq56OKRGIdKIVe6TRe8cnwNJJspLu0ng4imNOmCO6u3XcmPURo4SlI-oPB1/TAIfArafup4tWG1E0sZiHDY_8L6Qvud58m19sGFdc9ifiCYXAREzFX5eTQYiPmtbuW4Yb-WYn4MV0qRoONNThXrxB6Uo9zQtGBVIbkYFYFxOV80IyWxOD9zN-gRB2VcJ/ZJ6UfrR1s5LQ5brUpESMoYsmX12EMbD-NlrLCv5DVTV_yqHGbMdriRWlDTdreLsr8d1PFmwNEDHXmk0XIDjTRmcj1dpq0ZU1YSezI7czsbIRHV6CAVWMh2TOfM9Aswwt/.../

http://dw.uptodown.com/dwn/4VbvySsAjKFTPG-6NU7LHEr8FKitx_weTxbI0jrSW33Ulo69_DkNs32wtFXMnSAX4t34E2AmqB1lj0Hv5nXRPXYkw-q0rl1ClAU59zJ3YvBeSC3Cec0vDrJGq5ofCONH/NEbyxTcjJpqMRNTHDS-Kj165jaQsBZQm7-sZSjhfP8ExLoNUXv10UkzZPEjiG0598rL9hb4wW_iehkqDWBpUrm7w5WjK_GmnyaDTJF-wpAweX7QzJZAN38eqrNEytpG3/fwEEzh8kMfnw2wxmJfnIm3iMexLYFdJiVeofZ-ahlqR2lvdRuszoA-mzuIofXfH-qsuspLHvJDuLOuCBbEUyfh5lE87RSQt8pTOXUqLlJHYQ2fAHLIymmg5-S-1mQPpk/.../

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to static.5-9-51-208.clients.your-server.de (5.9.51.208:80)

Scan call_of_duty_special_edition_screensaver.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.