mod sexo para gta san andreas by th3cz4r.exe

The executable mod sexo para gta san andreas by th3cz4r.exe has been detected as malware by 7 anti-virus scanners. It is a setup program used to install the application. The file is infected by an entry-point obscuring polymorphic file infector that creates a peer-to-peer botnet and receives URLs of additional files to download. The file has been seen being downloaded from dc461.4shared.com.
MD5:
21396a1da4eb371fcae7f8872e183030

SHA-1:
7f1d92f2aa23c508f0080f885f8b4153ddaf0a51

SHA-256:
7f59b919977ad3d9477b7a0f950171b09a2c74980cb2bcf4de0529fae53ecb46

Scanner detections:
7 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/27/2024 4:04:30 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:SaliCode | 160518-2 |
| AVG | Win32/Sality | 2015.0.4604 |
| Emsisoft Anti-Malware | Win32.Sality | 11.5.0.6191 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.0.319.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| Microsoft Security Essentials | Threat.Undefined | 1.225.469.0 |
| Norman | Win32.Sality.3 | 22.05.2016 07:18:28 |

File size:
2.8 MB (2,943,387 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mod sexo para gta san andreas by th3cz4r.exe

File PE Metadata
Compilation timestamp:
2/17/2012 6:55:21 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:yLSiEQEan64pfxPNUQ7l7d4MmjhiCaRKMxhrrjAWHc1YhITcY4CO5Hqz6BsHamvy:yWi964DNSThTMxJ/AWw8qceO5Kzfdy

Entry address:
0xB583

Entry point:
BD, E9, 59, 25, 50, 8D, 2D, 8D, 29, E4, 93, FE, C6, 76, 0A, FE, C0, 69, FB, 73, 35, B7, D0, 85, C8, 68, C8, 29, 93, 00, 88, D3, F2, F7, C0, 38, 20, 34, 5D, 21, D2, 68, 45, 55, DA, 00, 68, 77, E6, BF, 00, 08, EB, E8, 00, 00, 00, 00, 8A, E1, 81, C3, 9C, 9E, B9, D5, 85, E9, 78, 06, 09, F2, 89, F1, 86, EF, 69, D7, 4E, 31, 08, 00, 85, DD, 0F, AF, FF, 81, FD, 21, 7B, 00, 00, 5D, 0F, BF, D9, 89, C8, 80, E2, D8, 86, DF, 81, DE, 1C, 85, B9, EE, 69, F3, 9C, 5A, 6D, D3, 80, E5, 03, 25, 8B, D1, 9E, FA, 39, D6, 8B, FD...
 

Entropy:
7.9853  (probably packed)

Code size:
71.5 KB (73,216 bytes)

The file mod sexo para gta san andreas by th3cz4r.exe has been seen being distributed by the following URL.
