cm-ra2tr.exe

Trainer

CyberMan's Production

The executable cm-ra2tr.exe, described as “This is the game trainer”, has been detected as malware by 6 anti-virus scanners. The file has been seen being downloaded from download1010.mediafire.com.
Publisher:
CyberMan's Production

Product:
Trainer

Description:
This is the game trainer

Version:
4, 2, 0, 0

MD5:
14340ab377d67d6a5ffe3886b05cddc1

SHA-1:
e5731f2415dcd440e582bedf510e8e6bbbae1b96

SHA-256:
ebc0a03fbb9f1992124f89e22fb054bbd9f026c0e5c579b2fd37f72e6061f870

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
5/10/2024 3:30:01 PM UTC

Scan engine | Detection | Engine version
avast! | Win32:Vitro | 160518-2
Dr.Web | Win32.Virut.56 | 9.0.1.05190
ESET NOD32 | Win32/Virut.NBP virus | 8.0.319.0
F-Prot | W32/Virut.AL!Generic | 4.6.5.141
McAfee | Virus.W32/Virut.n.gen | 18.0.204.0
Microsoft Security Essentials | Threat.Undefined | 1.223.1270.0

File size:
41.5 KB (42,496 bytes)

Product version:
1, 0, 0, 0

Copyright:
PMHE Copyright © 1999-2001 By CyberMan

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\cm-ra2tr.exe

File PE Metadata
Compilation timestamp:
2/13/2001 11:24:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:pxdxMhtkdA2DRi11ob/jHTWlLPsJLWZ1Gok6Ri5ddpRxONd5U+B:bytkG2Dxbul7QyGok6c57FGU+

Entry address:
0x268C8

Entry point:
83, 3C, 24, FE, 8B, C0, 77, FE, 8D, 64, 24, CC, 84, FD, 60, 83, EC, DC, E8, AB, 00, 00, 00, 4B, 66, 4B, 75, FC, 30, E0, B0, 6B, 01, D0, FF, 73, 3C, B2, 20, BE, 17, 86, C4, 5D, 59, B2, D0, 81, E9, FD, FF, FF, 7F, 73, E0, 90, 92, 8A, F3, 81, D9, E6, 13, 00, 00, 8D, 86, 89, 0F, E8, B5, 71, CE, 3C, 76, 4A, 90, FF, B4, 19, E4, 13, 00, 80, 83, C4, 04, 66, 81, 44, 24, FC, B0, BA, 75, B7, 3C, 27, 86, D4, 68, 79, E9, DA, AD, 80, E9, 64, E8, 73, 00, 00, 00, 41, 89, 74, 24, 44, E8, 8B, FE, FF, FF, 89, 44, 24, 34, E9...

Entropy:
7.5993

Code size:
12 KB (12,288 bytes)

The file cm-ra2tr.exe has been seen being distributed by the following URL.
