gamesrg.exe

Project1

The executable gamesrg.exe has been detected as malware by 9 anti-virus scanners. While running, it connects to the Internet address 94-73-144-151.cizgi.net.tr on port 80 using the HTTP protocol.
Publisher:
Microsoft*  (Invalid match)

Product:
Project1

Version:
1.00

MD5:
1622583c20eda47dde53faca8fbca9b4

SHA-1:
a7981fe31a9b955832268f5ffe54bac4699a68af

SHA-256:
32d6919d06eb582d0c352b2b3aa4ddc7272ee242a51c9575db2130855a9a52dc

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
5/9/2024 11:28:04 AM UTC

Scan engine          Detection                                         Engine version
AhnLab V3 Security   Trojan/Win32.Generic.C1563996                     3.8.3.16
Avira AntiVirus      TR/Crypt.FKM.Gen                                  8.3.3.4
avast!               Win32:Evo-gen [Susp]                              2014.9-170306
Bkav FE              W32.eHeur.Virus02                                 1.3.0.8876
ESET NOD32           Win32/GameHack.ARC potentially unsafe (variant)   11.15038
F-Prot               W32/FakeAlert.GT.gen                              v6.4.7.1.166
K7 AntiVirus         Trojan                                            13.10.3.22616
McAfee               Artemis!1622583C20ED                              5600.6103
Qihoo 360 Security   HEUR/QVM18.1.0000.Malware.Gen                     1.0.0.1120

File size:
2.7 MB (2,863,104 bytes)

Product version:
1.00

Original file name:
UskoMulti.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
3/5/2017 4:00:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xAE1DA

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, E2, 5C, 67, 00, 45, 9C, 63, FB, C2, 42, 91, 77, 5C, 8B, 46, E5, 04, 6C, 16, 02, A8, 7F, 13, 56, E5, D9, 06, E3, 8D, 86, AF, 15, 66, 00, 4C, 7C, A4, 4A, 6B, 7F, 7C, 1C, 36, C6, F1, FB, 7D, A4, D5, 3A, F9, 50, A9, CC, 5B, 33, 9D, FD, EE, 40, 08, 58, 32, EC, 48, 0E, E7, 09, 58, 3F, 13, 48, 4D, BB, 47, EB, 16, B3, 85, C9, 5D, 75, BC, A2, 94, F1, AE, 44, 5D, 0D, 1A, E6, 75, 1F, 59, BC, CA, F3, 3A, C5, C3, 7A, 9C, 48...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
2.8 MB (2,953,216 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to gadgetadv.ttnet.com.tr  (93.155.105.95:80)

TCP (HTTP):
Connects to eg-c-4-223.euromsg.net  (91.235.64.223:80)

TCP (HTTP):
Connects to 94-73-144-151.cizgi.net.tr  (94.73.144.151:80)
