crysis.exe

Crysis

Crytek GmbH

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from s10013.chomikuj.pl and multiple other hosts.
Publisher:
Crytek GmbH

Product:
Crysis

Version:
1, 1, 1, 5767

MD5:
fd06b74f891baeca67b895e7d8167094

SHA-1:
9a258da519293ddb62c371b2f87f1ef7cea61007

SHA-256:
03f22b9abf7d2e91119415cd9cb0072a4f9f3308fba91bc806a148106f1eea3d

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
4/25/2024 6:23:30 PM UTC

Scan engine | Detection | Engine version
Bkav FE | W32.HfsAutoB | 1.3.0.4959
Rising Antivirus | PE:Trojan.Win32.Generic.125AFA59!307952217 | 23.00.65.14616

File size:
9.1 MB (9,556,801 bytes)

Product version:
1, 1, 1, 5767

Copyright:
(C) 2007 Crytek GmbH

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\Program Files\electronic arts\crytek\crysis\bin32\crysis.exe

File PE Metadata
Compilation timestamp:
10/25/2007 1:54:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:2ULF9a/A7xRFRVFZvm+ZJP/PskqNfbSsn8ObR6YwVu1:23WR1F1I7Ssn8ObR69Vu1

Entry address:
0x26EC7

Entry point:
E8, A8, 02, 00, 00, E9, 35, FD, FF, FF, CC, FF, 25, CC, C0, 02, 37, FF, 25, D0, C0, 02, 37, FF, 25, D8, C0, 02, 37, 68, 3D, 6F, 02, 37, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 10, 18, 03, 37, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74...
 

Code size:
172 KB (176,128 bytes)

Scheduled Task
Task name:
{30289002-8540-40D3-B3DD-567D7766F0F9}

Trigger:
Registration (Runs on registration)


The file crysis.exe has been discovered within the following programs.

CryEngine(R)2 Sandbox(TM)2  by Electronic Arts
Publisher's description - “CryENGINE 2 delivers a complete set of award-winning tools to build high quality games.”
www.ea.com
12% remove it
Crysis(R)  by Electronic Arts
Crysis is a video game distributed through EA's Origin digital distribution and digital rights management content delivery system.
6% remove it
 

The file crysis.exe has been seen being distributed by the following 2 URLs.
