home

csgo_updater.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.iammaddog.ru.
MD5:
87577a4218bd27d388a82dbc656edcfd

SHA-1:
d5d5bc36e39a942dae6b4cab3d8571bf912154f8

SHA-256:
9883bb87a0887e7dbe413ae45d333bf9f55c1e288200b8e07b3cd75737390e9a

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/1/2024 3:39:20 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.7133

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
43782

File size:
2.2 MB (2,358,272 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\csgo_updater.exe

File PE Metadata
Compilation timestamp:
7/6/2015 3:02:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.16

CTPH (ssdeep):
49152:cZ070YUugAQRYRxJce2Fi6zmwMe06a3wzzxiJuD9gYusrovStuUIi4h:cW7/gdGRcy6awM9w5yuDWVsrovSbIRh

Entry address:
0x126E

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 00, 10, 40, 00, E9, 6F, F9, 8C, 00, 3E, 67, D6, 76, 4A, F5, 6E, 51, 91, AA, 4A, 94, C5, 88, 58, 82, FF, 62, 47, F4, A8, C9, 42, 01, 25, CF, 56, C1, 29, 45, C9, 4F, FD, 58, 48, 9C, 8C, CF, C6, CE, 26, 42, B3, 47, 60, 81, C7, 78, DC, A2, 4F, 15, 66, 87, E0, 41, A9, 18, BF, 67, 3D, 1F, C8, 63, BD, EC, AB, 99, 46, 42, F5, 83, 19, D8, BA, 81, F2, 07, B3, F4, F6, 4D, DE, 2F, 82, BF, 7A, A8, 93, 93, 5F, 0A, 75, BE, 3F, 6E, 5C, 65, 63, 3F, 68, 66, 1E, F3, DE...
 
[+]

Entropy:
7.9906  (probably packed)

Code size:
132.5 KB (135,680 bytes)

The file csgo_updater.exe has been seen being distributed by the following URL.

http://www.iammaddog.ru/.../csgo_updater.exe

Scan csgo_updater.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.