» ekoloko ExTrA cheat.exe
Overview
Analysis
File Details
Downloads (1)

ekoloko ExTrA cheat.exe

ekoloko ExTrA cheat

The executable ekoloko ExTrA cheat.exe has been detected as malware by 10 anti-virus scanners. The file has been seen being downloaded from download1001.mediafire.com.

File name:

Product:

ekoloko ExTrA cheat

Version:

1.0.0.0

MD5:

3b8acce74292c620d95f28618f32990a

SHA-1:

d4a34f5c8e5f0ab6fc163968df99c8239a56d966

SHA-256:

b4e4c895b9cf250e9aadb334d395dec75347ba175641018c3e621b0545e30213

Scanner detections:

10 / 68

Status:

Malware

Analysis date:

4/24/2024 1:41:14 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11567955

254

Avira AntiVirus

TR/Spy.Gen

7.11.164.106

Bitdefender

Trojan.Generic.11567955

1.0.20.735

Emsisoft Anti-Malware

Trojan.Generic.11567955

8.16.05.26.04

F-Secure

Trojan.Generic.11567955

11.2016-26-05_5

G Data

Trojan.Generic.11567955

16.5.24

IKARUS anti.virus

Trojan.Spy

t3scan.1.6.1.0

MicroWorld eScan

Trojan.Generic.11567955

17.0.0.441

nProtect

Trojan.Generic.11567955

14.07.29.01

Trend Micro House Call

Suspicious_GEN.F47V0722

7.2.147

File size:

623.5 KB (638,464 bytes)

Product version:

1.0.0.0

Original file name:

ekoloko ExTrA cheat.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\ekoloko extra cheat.exe

File PE Metadata

Compilation timestamp:

4/18/2014 9:31:27 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:wjs5dCGFEf+JhrsaJ8cRAq9qn433wc1js5dCGFEfaVjs5dCGFEf:5zEf+frVAuGzEfaizEf

Entry address:

0x7A1AE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7F, 6F, 51, 53, 00, 00, 00, 00, 02, 00, 00, 00, 1C, 01, 00, 00, 1C, C0, 07, 00, 1C, 86, 07, 00, 52, 53, 44, 53, 9D, 16, 79, 11, B6, E2, B6, 43, A6, DF, 6E, BF, 5E, 20... 
[+]

Entropy:

6.7840

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

480.5 KB (492,032 bytes)

The file ekoloko ExTrA cheat.exe has been seen being distributed by the following URL.

http://download1001.mediafire.com/8v5kf119tdvg/.../ekoloko ExTrA cheat.exe

Remove ekoloko ExTrA cheat.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.