» xcom enemy unknown promo trainer.exe
Overview
Analysis
File Details
Downloads (2)

xcom enemy unknown promo trainer.exe

XCOM Enemy Unknown Trainer

CheatHappens

The executable xcom enemy unknown promo trainer.exe has been detected as malware by 8 anti-virus scanners. The file has been seen being downloaded from storage24-free.uloz.to and multiple other hosts.

File name:

Publisher:

CheatHappens

Product:

XCOM Enemy Unknown Trainer

Version:

1.0000

MD5:

5f9e775692f0540e834e60560153e27a

SHA-1:

dbcc915b1a58fd4c7354dd24f6af08b433905f52

SHA-256:

8ac13856bab4986bf3e7fdd390d9779c508783df5de99f6998a957fc10b4724f

Scanner detections:

8 / 68

Status:

Malware

Analysis date:

4/24/2024 12:45:45 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Trojan.Win32.GameHack

4.0.3.1463

ESET NOD32

Win32/GameHack.BE (variant)

8.9387

F-Prot

W32/GameHack.E2.gen

v6.4.7.1.166

K7 AntiVirus

Riskware

13.175.11074

McAfee

Artemis!5F9E775692F0

5600.7110

Norman

CheatEngine.AB

11.20140603

Trend Micro House Call

TROJ_GEN.F47V1122

7.2.154

VIPRE Antivirus

Trojan.Win32.Gamehack.be

26184

File size:

675.5 KB (691,712 bytes)

Product version:

19011

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

10/9/2012 4:09:55 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

12288:AQeMTMQog32sYmKNwDItTmKQTjxxyPtcxLHm7o1kspQwK3gEJBV1Ls2LMpB8a:AwZr3PYm5ItaTjxxatc5HoWzpQlwEJB+

Entry address:

0x1000

Entry point:

68, 34, 07, 00, 00, 68, 00, 00, 00, 00, 68, 94, 8A, 49, 00, E8, 1B, 70, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 14, 70, 00, 00, A3, 98, 8A, 49, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 01, 70, 00, 00, A3, 94, 8A, 49, 00, B8, CD, 7A, 48, 00, A3, 9C, 8A, 49, 00, E8, 82, FA, 00, 00, E8, 2E, F2, 00, 00, E8, D8, E7, 00, 00, E8, 26, DC, 00, 00, E8, AF, D9, 00, 00, E8, A0, D8, 00, 00, E8, 84, CF, 00, 00, E8, 7D, CB, 00, 00, E8, 06, CB, 00, 00, E8, 9A, B4, 00, 00, E8, 9F, 9D, 00, 00... 
[+]

Entropy:

7.5155

Packer / compiler:

PKLITE32, 0x1.1

Code size:

264 KB (270,336 bytes)

The file xcom enemy unknown promo trainer.exe has been seen being distributed by the following 2 URLs.

http://storage24-free.uloz.to/Ps;Hs;fid=29499774;cid=2037473964;rid=1829688250;up=0;uip=109.81.239.175;tm=1405021042;ut=f;aff=uloz.to;did=uloz-to;He;ch=ad16240b7740eee3c08ef5b7ee8184cd;Pe/.../xcom-enemy-unknown-promo-trainer.exe

http://dla.uloz.to/Ps;Hs;fid=29499774;cid=2037473964;rid=1829688250;up=0;uip=109.81.239.175;tm=1405021042;ut=f;aff=uloz.to;did=uloz-to;He;ch=ad16240b7740eee3c08ef5b7ee8184cd;Pe/.../xcom-enemy-unknown-promo-trainer.exe

Remove xcom enemy unknown promo trainer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.