home

metal slug x portable.exe

The executable metal slug x portable.exe has been detected as malware by 16 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fileshare1030.depositfiles.org and multiple other hosts.
MD5:
efc173f64f565eff187d68d952309fb8

SHA-1:
7d4d0ce94a48576c3cd3d740c906fbe546709685

Scanner detections:
16 / 68

Status:
Malware

Analysis date:
5/7/2024 10:11:06 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.6129520
848

Agnitum Outpost
Trojan.PWS.OnLineGames
7.1.1

AVG
PSW.OnlineGames3
2015.0.3326

Comodo Security
UnclassifiedMalware
19609

Dr.Web
Trojan.PWS.Wsgame.25535
9.0.1.0283

Fortinet FortiGate
W32/Onlinegames.XOXT!tr
10/10/2014

F-Secure
Trojan.Generic.6129520
11.2014-10-10_6

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.7.8.0

McAfee
Artemis!4AC5F9ADBAEE
5600.6982

MicroWorld eScan
Trojan.Generic.6129520
15.0.0.849

NANO AntiVirus
Trojan.Win32.OnLineGames.dmjsw
0.28.2.62286

Norman
Troj_Generic.PWYGW
11.20141010

Rising Antivirus
PE:Trojan.Win32.Generic.16BAB1EE!381333998
23.00.65.141008

Trend Micro House Call
TROJ_SPNR.0BJ112
7.2.283

Trend Micro
TROJ_SPNR.0BJ112
10.465.10

VIPRE Antivirus
Trojan.Win32.Generic
33398

File size:
39.2 MB (41,153,353 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\pc\bureau\hocine\games\metal slug collection\metalslug x portable\metal slug x portable.exe

File PE Metadata
Compilation timestamp:
9/20/2007 1:34:50 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
786432:Zvp+21Vb4uZ6BSprc6D3tk1wzImCVgpbGJ0u8QLOvu46bLS4q:1p+ybYyzxk1wFQJ0u88Ov4Rq

Entry address:
0x1000

Entry point:
E8, 8B, 27, 00, 00, 50, E8, 4F, A4, 00, 00, 00, 00, 00, 00, 90, 55, 8B, EC, 53, 56, 57, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, D3, FF, 75, 14, 68, E1, C0, 40, 00, 6A, 00, 6A, 00, 8B, C6, 8B, CF, E8, 3A, 44, 00, 00, 81, EB, 10, 01, 00, 00, 74, 05, 4B, 74, 14, EB, 57, FF, 75, 14, 6A, 66, 56, E8, A4, A6, 00, 00, B8, 01, 00, 00, 00, EB, 47, 66, 81, E7, FF, FF, 66, FF, CF, 74, 07, 66, FF, CF, 74, 23, EB, 30, 68, 80, 00, 00, 00, 68, A8, DD, 40, 00, 6A, 65, 56, E8, EA, A5, 00, 00, 6A, 01, 56, E8, C4, A5, 00, 00...
 
[+]

Code size:
44 KB (45,056 bytes)

The file metal slug x portable.exe has been seen being distributed by the following 12 URLs.

http://fileshare1030.depositfiles.org/auth-14705948212d39f3ba69de4ca9eefbc9-191.113.80.160-2643432054-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-1478811157806e6c7650fc694049dd59-190.113.148.81-35422701-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-1481319602abfa40849050105b77e965-187.186.194.149-60253749-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-1467935173f7afc8be7332c589a0aa00-181.209.246.173-2615228602-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-1465603839e7a990507aee035e721a11-181.118.74.56-2589947858-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-1476049114316f685208e91737ddd2da-177.228.91.250-7392134-138850310-guest/.../MSX.exe

http://fileshare1030.dfiles.eu/auth-14673302920831674fea0eeba52e3703-84.121.163.49-2609080061-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-146862971542db2e95db735d2bbdaafe-190.161.112.163-2622460720-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-1459617050e022fae6246954a76355c5-186.151.17.61-2519757784-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-14633512632b0a38d15cbe391e35f58e-187.241.170.95-2564366513-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-1443825209103fc4d7457e36fb8d38b8-201.230.114.141-2300156985-138850310-guest/.../MSX.exe

http://fileshare1030.depositfiles.org/auth-14505720729bbda41ffa1d336e0e6528-190.117.204.250-2399698360-138850310-guest/.../MSX.exe

Remove metal slug x portable.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.