home

fifa13 i68regenerator 3.1 ul.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from cs15.userfiles.me.
MD5:
fff50dad126439c8f1d6c8c418601ed5

SHA-1:
8bb5ff1d12a0de82bbed76c88ae5141e3e6b3520

SHA-256:
002125765a126202488c3c6f9fe207dccb652859854a24cf0cd7544ffe0b924d

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 12:15:05 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.KillFiles.17806
9.0.1.05190

Qihoo 360 Security
virus.bat.startmuch.a
1.0.0.1015

Trend Micro House Call
PAK_Generic.005
7.2.175

Trend Micro
PAK_Generic.005
10.465.24

File size:
8.3 MB (8,709,074 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
3/2/2011 9:40:24 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:rM9Kj5pLmCuTOcOAKFxbLKnXZapkFTmgdfT7AAY56FGu/LXEX+jAuEA:kIpL+TODAsb8XZaaFTv6AYBuzXEX4/

Entry address:
0xB4B5

Entry point:
E8, E3, FE, FF, FF, 33, C0, 50, 50, 50, 50, E8, 7F, 2D, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, 1E, A1, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 1C, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 1C, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, 47, A6, FF, FF, C3, 55, 8B, EC, 83, EC, 1C, 56, 33, F6, 56, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 48, 32, 41, 00, 85, C0, 74, 21, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 4C, 32, 41, 00, 8D, 45, E4...
 
[+]

Entropy:
7.9976  (probably packed)

Code size:
70.5 KB (72,192 bytes)

The file fifa13 i68regenerator 3.1 ul.exe has been discovered within the following programs.

FIFA 13  by Electronic Arts
FIFA 13 is developed by EA Canada. There are 26 stadia in FIFA 13, including two new real ones: Tottenham Hotspur's White Hart Lane and the Saudi Arabia's King Fahd International Stadium. and one new generic stadium, Sanderson Park.
www.ea.com/ru
5% remove it
 
Powered by Should I Remove It?

The file fifa13 i68regenerator 3.1 ul.exe has been seen being distributed by the following URL.

http://cs15.userfiles.me/f/0/1425048717/36659931/0/.../Fifa13_i68Regenerator_3.1_UL-spaces.ru.exe

Scan fifa13 i68regenerator 3.1 ul.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.