home

cod4mw.exe

The executable cod4mw.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from am4-r1f1-stor06.uploaded.net and multiple other hosts.
MD5:
487dddedfa658d74980aeec85fcbad96

SHA-1:
8fbed2e8cd9d29cebabd3255be28a0f740964545

SHA-256:
efdcf080a1c6db6c8300f4e9dd4f25ba6d4de7ed202b9c709bf77d0aa7541b8f

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/14/2024 6:53:47 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
(M)
16.6.5.12

File size:
4.1 MB (4,316,805 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cod4mw.exe

File PE Metadata
Compilation timestamp:
12/1/2013 8:08:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:BRWWOoCGNV7cwji0L78T2hDkJpIe8LKjxGpfflJvt2247B:Bb/1jico8oIeNGVoR7B

Entry address:
0x108AF

Entry point:
E8, 9C, 58, 00, 00, E9, 78, FE, FF, FF, 55, 8B, EC, 83, EC, 04, 89, 7D, FC, 8B, 7D, 08, 8B, 4D, 0C, C1, E9, 07, 66, 0F, EF, C0, EB, 08, 8D, A4, 24, 00, 00, 00, 00, 90, 66, 0F, 7F, 07, 66, 0F, 7F, 47, 10, 66, 0F, 7F, 47, 20, 66, 0F, 7F, 47, 30, 66, 0F, 7F, 47, 40, 66, 0F, 7F, 47, 50, 66, 0F, 7F, 47, 60, 66, 0F, 7F, 47, 70, 8D, BF, 80, 00, 00, 00, 49, 75, D0, 8B, 7D, FC, 8B, E5, 5D, C3, 55, 8B, EC, 83, EC, 10, 89, 7D, FC, 8B, 45, 08, 99, 8B, F8, 33, FA, 2B, FA, 83, E7, 0F, 33, FA, 2B, FA, 85, FF, 75, 3C, 8B...
 
[+]

Code size:
98 KB (100,352 bytes)

The file cod4mw.exe has been seen being distributed by the following 35 URLs.

http://am4-r1f1-stor06.uploaded.net/.../41a5fbc6-e337-4a9e-9a22-5fc23ac3470a

http://am4-r1f1-stor06.uploaded.net/.../bb3fc559-ac38-40f5-b3f7-b050f70c4e8b

http://am4-r1f1-stor06.uploaded.net/.../64e8475d-9c94-43bb-bbca-7bed14dab543

http://am4-r1f1-stor06.uploaded.net/.../052273b1-8837-4d26-9137-a0667ba1afb3

http://am4-r1f1-stor06.uploaded.net/.../3230fa62-653f-4753-b23f-c8ce7a0ce31b

http://am4-r1f1-stor06.uploaded.net/.../f6c85598-27fb-4b35-8234-7477fda0e4f9

http://am4-r1f1-stor06.uploaded.net/.../45bedfbd-c068-443f-ba65-97ed1ed2e110

http://am4-r1f1-stor06.uploaded.net/.../b71a334e-d0a3-4ecf-aff6-e5f1b9ff5394

http://am4-r1f1-stor06.uploaded.net/.../3ff31c34-4a05-4a78-b92f-6bac474b0f90

http://am4-r1f1-stor06.uploaded.net/.../a024c7a4-74be-472d-a82e-01cf6d88fcf1

http://am4-r1f1-stor06.uploaded.net/.../9828c254-03d5-4ce4-abb4-3c19aa1089eb

http://am4-r1f1-stor06.uploaded.net/.../c826a505-1a0f-4438-b671-c078997fefaf

http://am4-r1f1-stor06.uploaded.net/.../022efe86-908a-4d8f-b39f-733cab1836f5

http://am4-r1f1-stor06.uploaded.net/.../2abaca17-b0ad-40c0-81d2-f847b833b096

http://am4-r1f1-stor06.uploaded.net/.../86f1052f-c4a1-42ae-8e95-9cd04d2bc909

http://fileshare1300.depositfiles.com/auth-1466442815f942f8a648f4a27026fed5-197.200.58.21-2599458821-165403483-guest/.../COD4MW.exe

http://am4-r1f1-stor06.uploaded.net/.../ff0f87c8-48a9-4390-983a-767a52d2b2db

http://am4-r1f1-stor06.uploaded.net/.../dc79659d-daf3-4f6d-ab1e-927a0f780131

http://am4-r1f1-stor06.uploaded.net/.../f9a5abff-261f-4c15-ad7e-c074ec19337e

http://am4-r1f1-stor06.uploaded.net/.../f554cda4-2bd3-48c7-a6bf-09060bba83bf

http://am4-r1f1-stor06.uploaded.net/.../daaedd51-9bdc-40a3-a108-65453c4411b3

http://am4-r1f1-stor06.uploaded.net/.../ee52a995-db6b-45f8-ba80-5555bf7c087d

http://am4-r1f1-stor06.uploaded.net/.../827192df-449c-4915-a7ff-d753b7b9d7f8

http://am4-r1f1-stor06.uploaded.net/.../45dd7fe8-5fe6-4f23-ab90-ba10a28e850f

http://am4-r1f1-stor06.uploaded.net/.../07b4805b-1361-4336-b94a-79f1c481db87

http://am4-r1f1-stor06.uploaded.net/.../1dbf8560-cf26-4a3f-ab23-60b0bf30c042

http://am4-r1f1-stor06.uploaded.net/.../92170617-b81f-443f-968f-8a33327bf720

http://am4-r1f1-stor06.uploaded.net/.../f530d854-c99e-4164-8666-80c1f55297e3

http://am4-r1f1-stor06.uploaded.net/.../f146be71-818e-42a2-bb9f-1d4985f3099c

http://am4-r1f1-stor06.uploaded.net/.../85f7d2b5-5c9c-48fc-b235-a47051dddb50

Latest 30 of 35 download URLs

Remove cod4mw.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.