saCamHack.exe

CamHack

ToCA EDIT

The application saCamHack.exe has been detected as a potentially unwanted program by 3 anti-malware scanners. The file has been seen being downloaded from s6710.chomikuj.pl and multiple other hosts.

Publisher:
ToCA EDIT

Product:
CamHack

Version:
1.02

MD5:
659e66178fad1e5c627a1eb7a2851b96

SHA-1:
aa5094988417c5688498b8f293a2c51269476e5d

SHA-256:
ea786da7938511d0ada4eca2d3f3d51c5654ced6a5a1c09784b740c354db824c

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
5/23/2024 9:55:17 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Comodo Security | ApplicUnwnt.Win32.CamHack.~a | 17678 |
| Quick Heal | (Suspicious) - DNAScan | 2.14.12.00 |
| Reason Heuristics | Unnamed.Threat.15 | 14.3.11.10 |

File size:
300 KB (307,200 bytes)

Product version:
1.02

Original file name:
saCamHack.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\gta resident evil 5 world fallen\anim\sacamhack.exe

File PE Metadata
Compilation timestamp:
12/8/2005 11:49:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:t/eCbVOF7o1yqlQ515gNXKf/h2WFYoJWTCZ3dqSNKL09Zsb+e7vRGftWWgop3ZS:oCnyqlQ51mWMWFYoJWUftWWN

Entry address:
0x4178

Entry point:
68, 9C, 44, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 6F, 31, 2A, 74, E9, 74, 8E, 40, A5, CE, 4D, 91, A5, BF, 69, 92, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 73, 61, 43, 61, 6D, 48, 61, 63, 6B, 00, 34, 36, 7D, 23, 32, 2E, 00, 00, 00, 00, 01, 00, 0D, 00, 3C, 6E, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, 00, 71, 40, 00, 6C, 75, 43, 00, 00, 00, 00, 00, 28, C8, 1B, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
5.5305

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
216 KB (221,184 bytes)

The file saCamHack.exe has been seen being distributed by the following 2 URLs.

http://s6710.chomikuj.pl/File.aspx?e=RI6-TFhta0WAeq53nn-vAlISfLca26xEBBssxIR28R0kGqOkDBRw0LxFRPMtLc0x49AhEMrK2IRNAaQor_PSsxG3mRMYQC6aNOzBVTh53EpZCNm5k0CNXB6ttLFA0ZIr35o3uuKt48HlXeXJIm9M-A&pv=2
