homm6_plus8_trainer.exe

The executable homm6_plus8_trainer.exe has been detected as malware by 5 anti-virus scanners. This is a setup program which is used to install the application. This file is typically installed with the program Might And Magic Heroes VI Gold Repack by VictorVal. The file has been seen being downloaded from s2485.chomikuj.pl and multiple other hosts.
MD5:
620128264d815681becd9ac4e14fa935

SHA-1:
d301e980797d2c1637e4763a363b265c0750a24e

SHA-256:
9e948e546794d194fd0afcda855fd497c2e2e961a85b833b30470c50dc6dcea0

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
8/15/2025 1:57:57 AM UTC

Scan engine        Detection                                  Engine version
ESET NOD32         Win32/HackTool.CheatEngine.AF (variant)    8.9267
K7 AntiVirus       Hacktool                                   13.175.10781
McAfee             Artemis!620128264D81                       5600.7184
Vba32 AntiVirus    TrojanDropper.Dapato                       3.12.24.3
VIPRE Antivirus    Trojan.Win32.Generic.pak!cobra             25244

File size:
3.1 MB (3,249,152 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
2/26/2011 4:09:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:qdHa+NR65p50mmA3YbCerkMGEdVCWuRyDGka3hDNx2yWnQlvTAmEJsoEb+3J:o6+m5ommA3YbCerzjuYKdDNE52vpop

Entry address:
0x157A

Entry point:
E8, FD, 16, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 58, AD, 40, 00, 89, 0D, 54, AD, 40, 00, 89, 15, 50, AD, 40, 00, 89, 1D, 4C, AD, 40, 00, 89, 35, 48, AD, 40, 00, 89, 3D, 44, AD, 40, 00, 66, 8C, 15, 70, AD, 40, 00, 66, 8C, 0D, 64, AD, 40, 00, 66, 8C, 1D, 40, AD, 40, 00, 66, 8C, 05, 3C, AD, 40, 00, 66, 8C, 25, 38, AD, 40, 00, 66, 8C, 2D, 34, AD, 40, 00, 9C, 8F, 05, 68, AD, 40, 00, 8B, 45, 00, A3, 5C, AD, 40, 00, 8B, 45, 04, A3, 60, AD, 40, 00, 8D, 45, 08, A3, 6C, AD, 40...
 

Code size:
25.5 KB (26,112 bytes)

The file homm6_plus8_trainer.exe has been discovered within the following program.

This is a repack of the original game where the installer has been packed by a piracy group in order to reduce the size through (lossy/lossless) compression.
www.vvalworld.com
About 3% of users remove it
 

The file homm6_plus8_trainer.exe has been seen being distributed by the following 3 URLs.

http://s2485.chomikuj.pl/File.aspx?e=qP-I3htYRof2f1XFKq-4kqz3nnGJ3TGBb4EYFBL97FGAEr6VQbqgZBkhH1ME6WvX510ZoS9nERq9jSrCajKNcWgf0hSG8THTNSGCcIK6Tkhzwujshi5kTQbAjsopcnK25dTyA6sHmmQ5n1qY2HcO2w&pv=2

http://s2485.chomikuj.pl/File.aspx?e=qP-I3htYRof2f1XFKq-4kqz3nnGJ3TGBb4EYFBL97FE7f5eOVkDHQkAua2fFmlCgm5hr2GWZkwEz6sdNfXqV6fKOzpxK5AWSHh8FD0Cs_quOqnQ928d7r4PFOjy3ez7wKkLNa81vzwsYeqHEFyPaUQ&pv=2
