» hed-alexandereliot.exe
Overview
Analysis
File Details

hed-alexandereliot.exe

Hacker Evolution Duality Trainer

CheatHappens

The executable hed-alexandereliot.exe has been detected as malware by 3 anti-virus scanners.

File name:

Publisher:

CheatHappens

Product:

Hacker Evolution Duality Trainer

Version:

1.0002

MD5:

766b02c6549d32986c6f6a0ebea29737

SHA-1:

31df3b5563d02968b178a7afc0d915c21770f6a6

SHA-256:

6427b82fb1483e247055f655350a3e470669f415b2bad342c51400e1fb544032

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

4/26/2024 11:41:20 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/GameHack.BE potentially unsafe application

7.0.302.0

F-Prot

W32/GameHack.E2.gen

4.6.5.141

VIPRE Antivirus

Threat.4793086

32210

File size:

663.5 KB (679,445 bytes)

Product version:

17845

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

3/5/2013 8:26:15 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

12288:on9zQ/axndNjmO8XuZUTXNQTTxyyPQkSJcU8C/ntzCJBV1Ls2LMpB8an4:oiSxnfjmqZU+TTxyaQk8R8C/tCJBV1LD

Entry address:

0x1000

Entry point:

68, 2C, 07, 00, 00, 68, 00, 00, 00, 00, 68, 04, 59, 49, 00, E8, 1B, 90, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 14, 90, 00, 00, A3, 08, 59, 49, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 01, 90, 00, 00, A3, 04, 59, 49, 00, B8, E0, 48, 48, 00, A3, 0C, 59, 49, 00, E8, B2, 21, 01, 00, E8, 5E, 19, 01, 00, E8, 08, 0F, 01, 00, E8, 56, 03, 01, 00, E8, DF, 00, 01, 00, E8, D0, FF, 00, 00, E8, B4, F6, 00, 00, E8, AD, F2, 00, 00, E8, 36, F2, 00, 00, E8, CA, DB, 00, 00, E8, CF, C4, 00, 00... 
[+]

Entropy:

7.4983

Packer / compiler:

PKLITE32, 0x1.1

Code size:

275.5 KB (282,112 bytes)

Remove hed-alexandereliot.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.