» gta5filecheck_sha1.exe
Overview
Analysis
File Details
Programs (1)
Downloads (21)

gta5filecheck_sha1.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.file-upload.net and multiple other hosts.

File name:

MD5:

cc41e60e15b82a6d1b1d713f6649aeca

SHA-1:

04804457dd16a80cab8b95e189758b28aec771d2

SHA-256:

90d5945662d741aa5d8b07e357abb352e2cf9855c108bfcb4c848ef95d6b8a73

Scanner detections:

6 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/25/2024 12:58:11 PM UTC (today)

Scan engine

Detection

Engine version

F-Prot

W32/AutoIt.DB.gen

v6.4.7.1.166

herdProtect (fuzzy)

variant of ~au3yzkdoqq.exe

2015.7.28.9

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Injector.fw!1075357566

23.00.65.15520

Trend Micro House Call

Suspicious_GEN.F47V0413

7.2.118

ViRobot

Trojan.Win32.A.Agent.903680.C[h]

2014.3.20.0

File size:

882.5 KB (903,680 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

4/11/2015 7:29:00 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:atb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaLTcOQ5k6A:atb20pkaCqT5TBWgNQ7aPchk6A

Entry address:

0x25F74

Entry point:

E8, 6A, CE, 00, 00, E9, 7F, FE, FF, FF, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 58, 01, 4C, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 70, A3, 4B, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 58, 01, 4C, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00, 00, F7, C6, 03, 00... 
[+]

Code size:

557.5 KB (570,880 bytes)

The file gta5filecheck_sha1.exe has been discovered within the following program.

Grand Theft Auto V by Rockstar Games

www.RockstarGames.com

About 1% of users remove it

The file gta5filecheck_sha1.exe has been seen being distributed by the following 21 URLs.

http://www.file-upload.net/download5.php?valid=329.67059793025&id=10533291&name=GTA5FileCheck_SHA1.exe

https://downloader.disk.yandex.com/disk/86a69db4e635f77e2b9d0d39338634c0de8b1db8dcd6dbf50e22def85c98e689/585ea70e/Z5KL1lADn3sLBJYlyAOG6C8EgDTB7VvbUG85owZMbntCmWx3FZ4LLyaJ3TC23K5lSPPsHfrkl2g1XFYd71hbFQ==?uid=0&filename=GTA5FileCheck_SHA1.exe&disposition=attachment&hash=z4nrVkuRdQweqMcFU4HuicezHGjNo RWQUfQ/.../x-msdownload&fsize=903680&hid=261127cbb6e61c8d3ea13b7a9f0ffc1a&media_type=executable&tknv=v2

http://www.file-upload.net/download5.php?valid=296.23917425225&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=264.83033761225&id=10533291&name=GTA5FileCheck_SHA1.exe

https://downloader.disk.yandex.com/disk/6248dbb27ed16fb8167aff2d441bae101c68a0e25f03a24171a8d097ecd40cd0/577ba040/Z5KL1lADn3sLBJYlyAOG6C8EgDTB7VvbUG85owZMbntCmWx3FZ4LLyaJ3TC23K5lSPPsHfrkl2g1XFYd71hbFQ==?uid=0&filename=GTA5FileCheck_SHA1.exe&disposition=attachment&hash=z4nrVkuRdQweqMcFU4HuicezHGjNo RWQUfQ/.../x-msdownload&fsize=903680&hid=261127cbb6e61c8d3ea13b7a9f0ffc1a&media_type=executable&tknv=v2

https://downloader.disk.yandex.com/disk/899525b0994c08b5f384f69a801449edde90f029b38011e1ad57e2361a28bd19/58647f20/Z5KL1lADn3sLBJYlyAOG6C8EgDTB7VvbUG85owZMbntCmWx3FZ4LLyaJ3TC23K5lSPPsHfrkl2g1XFYd71hbFQ==?uid=0&filename=GTA5FileCheck_SHA1.exe&disposition=attachment&hash=z4nrVkuRdQweqMcFU4HuicezHGjNo RWQUfQ/.../x-msdownload&fsize=903680&hid=261127cbb6e61c8d3ea13b7a9f0ffc1a&media_type=executable&tknv=v2

http://www.file-upload.net/download5.php?valid=770.32433481415&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=798.53429432415&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=949.71700948025&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=803.76093957025&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.oddeyer.com/?module=file&act=procFileDownload&file_srl=7877&sid=91dfeb962024b8e58741943346269372&module_srl=6716

http://www.file-upload.net/download.php?valid=634.22507758305&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=146.52071761505&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=798.58111617615&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=128.26204215215&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=451.69504058315&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download5.php?valid=264.36601761215&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download.php?valid=971.73268019305&id=10533291&name=GTA5FileCheck_SHA1.exe

http://www.file-upload.net/download.php?valid=798.58186349305&id=10533291&name=GTA5FileCheck_SHA1.exe

http://am4-r1f6-stor01.uploaded.net/.../4033a2a7-1a02-4e0e-8ed9-30a99f08063f

http://www.file-upload.net/download.php?valid=14.13646432405&id=10533291&name=GTA5FileCheck_SHA1.exe

Scan gta5filecheck_sha1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.