» etw-alexandereliot.exe
Overview
Analysis
File Details

etw-alexandereliot.exe

Empire Total War Trainer

CheatHappens

The application etw-alexandereliot.exe has been detected as a potentially unwanted program by 11 anti-malware scanners.

File name:

Publisher:

CheatHappens

Product:

Empire Total War Trainer

Version:

1.0022

MD5:

c4960874fd241bac91d5fa5db830aa6c

SHA-1:

ccfd9669f64071b495e67490e1599c3159a49152

SHA-256:

b2f4fced0827b8ccaf535ea7d2f70dee6f606a87325c37fc86ce4bb9c1c542c5

Scanner detections:

11 / 68

Status:

Potentially unwanted

Analysis date:

4/27/2024 1:50:27 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.GameHack

7.1.1

AVG

Potentially harmful program Skodna.GameHack.FVC

2014.0.3986

Bkav FE

HW32.CDB

1.3.0.4959

Comodo Security

TrojWare.Win32.Buzus.lhut

19306

Dr.Web

DLOADER.Trojan

9.0.1.0237

ESET NOD32

Win32/GameHack.F potentially unsafe application

7.0.302.0

Fortinet FortiGate

W32/GameHack.F!tr

8/25/2014

F-Prot

W32/GameHack.C.gen

4.6.5.141

NANO AntiVirus

Trojan.Win32.GameHack.wrhnq

0.28.2.61721

Trend Micro House Call

HV_GAMEHACK_CG0945E5.RDXN

7.2.237

VIPRE Antivirus

Threat.4790471

32210

File size:

1.3 MB (1,375,764 bytes)

Product version:

13464

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

8/7/2012 9:20:08 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

24576:/pJgTqxPIzrE2Pugsje7yFO/qi/NXNfGCjSLmwsNPd3RgSJBV1Ls2wBPU/:/pJgTqxPIzdupCyFO/jNd+CjS7sNlKSJ

Entry address:

0x1000

Entry point:

68, 68, 03, 00, 00, 68, 00, 00, 00, 00, 68, 80, F5, 53, 00, E8, 9C, A0, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 95, A0, 00, 00, A3, 84, F5, 53, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 82, A0, 00, 00, A3, 80, F5, 53, 00, E8, 8C, F2, 00, 00, E8, 0B, F2, 00, 00, E8, A2, E8, 00, 00, E8, 25, D6, 00, 00, E8, DA, CD, 00, 00, E8, AD, CC, 00, 00, E8, ED, C6, 00, 00, E8, CE, C0, 00, 00, E8, 34, BF, 00, 00, E8, 92, B8, 00, 00, E8, 51, B7, 00, 00, E8, 10, AB, 00, 00, E8, 10, C6, 00, 00... 
[+]

Entropy:

7.1776

Packer / compiler:

PKLITE32, 0x1.1

Code size:

93 KB (95,232 bytes)

Remove etw-alexandereliot.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.