» csswh.exe
Overview
Analysis
File Details
Downloads (1)

csswh.exe

The application csswh.exe has been detected as a potentially unwanted program by 16 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download2002.mediafire.com.

File name:

csswh.exe

Version:

1.8.0.0

MD5:

9f08b9a628bcaae0db8f1f6a9038c2e6

SHA-1:

f498af95c178e280974910f46cba4a94956261d5

SHA-256:

a16b7b68e6e30b67389f11477eb5443ff94a55695dff84c931840008b2439393

Scanner detections:

16 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 2:49:21 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

HackTool.CheatEngine

7.1.1

AVG

Skodna.GameHack

2017.0.2696

Bkav FE

W32.LeepicoB.Trojan

1.3.0.4613

Clam AntiVirus

Trojan.Dropper-26973

0.98/18355

Comodo Security

ApplicUnwnt.Win32.HTool.A

17501

Emsisoft Anti-Malware

Android.Adware.Mobclick

8.16.06.30.01

ESET NOD32

Win32/HackTool.CheatEngine.AB (variant)

10.9190

Fortinet FortiGate

Riskware/CheatEngine

6/30/2016

F-Prot

W32/Trojan2.NMHW

v6.4.7.1.166

F-Secure

Trojan:W32/Agent.DSOA

11.2016-30-06_5

K7 AntiVirus

Trojan

13.174.10623

Malwarebytes

HackTool.GamesCheat.Gen

v2016.06.30.01

Norman

CheatEngine.QU

11.20160630

SUPERAntiSpyware

Trojan.Agent/Gen-CheatEngine

9050

Total Defense

Win32/CheatEngine.A!genus

37.0.10662

VIPRE Antivirus

Trojan.Win32.Delf.abt

24772

File size:

690.8 KB (707,400 bytes)

Product version:

1.2

File type:

Executable application (Win32 EXE)

Language:

Dutch (Netherlands)

Common path:

C:\users\{user}\downloads\csswh.exe

File PE Metadata

Compilation timestamp:

6/20/1992 7:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:9EDCJJDXb8qWvvMyesvleMkWzChpBTfgYvVtcgwSuLnKtTa:9mQGbvNvjkJPKuMlXt

Entry address:

0x93BBC

Entry point:

55, 8B, EC, 83, C4, F0, B8, 34, 39, 49, 00, E8, 18, 29, F7, FF, A1, F0, 9D, 49, 00, 8B, 00, E8, 60, 57, FC, FF, A1, F0, 9D, 49, 00, 8B, 00, C6, 40, 5B, 00, 8B, 0D, FC, 9C, 49, 00, A1, F0, 9D, 49, 00, 8B, 00, 8B, 15, CC, 36, 49, 00, E8, 55, 57, FC, FF, A1, F0, 9D, 49, 00, 8B, 00, E8, C9, 57, FC, FF, E8, 08, 06, F7, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

587.5 KB (601,600 bytes)

The file csswh.exe has been seen being distributed by the following URL.

http://download2002.mediafire.com/cl9r2cp78ufg/.../CssWH.exe

Remove csswh.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.