» [allshares.ge]counter strike 1.6 and condition zero 1.2 www.benze.tk.exe
Overview
Analysis
File Details
Downloads (7)

[allshares.ge]counter strike 1.6 and condition zero 1.2 www.benze.tk.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.bin.ge and multiple other hosts.

File name:

MD5:

f66a733762e8eb419b4666ec86536a1e

SHA-1:

1ba5d12727c123c15cdac376f473399091c4df44

SHA-256:

baec86869f1f8ed017be1d43c5e76e087899e1b88ec17c391378387188b893ac

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/27/2024 4:30:52 AM UTC (today)

File size:

413 MB (433,034,846 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\[allshares.ge]counter strike 1.6 and condition zero 1.2 www.benze.tk.exe

File PE Metadata

Compilation timestamp:

10/11/2002 2:00:45 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

3.0

CTPH (ssdeep):

12582912:m1Q1n8TfYywI+8tUMSbQFlUp27ptDRZIj:m1In8TzwI++ObyqETIj

Entry address:

0x1650

Entry point:

81, EC, 0C, 04, 00, 00, 53, 56, 57, 55, 68, 60, 50, 40, 00, 6A, 01, 6A, 00, FF, 15, D8, 80, 40, 00, 8B, F0, FF, 15, D4, 80, 40, 00, 3D, B7, 00, 00, 00, 75, 0F, 56, FF, 15, B8, 80, 40, 00, 6A, 02, FF, 15, A4, 80, 40, 00, 33, DB, E8, F2, FE, FF, FF, 68, 02, 7F, 00, 00, 89, 1D, 94, 74, 40, 00, 53, 89, 1D, 98, 74, 40, 00, FF, 15, E4, 80, 40, 00, 50, FF, 15, E0, 80, 40, 00, 8B, 0D, 00, 50, 40, 00, E8, 68, FF, FF, FF, B9, 40, 0D, 03, 00, 89, 44, 24, 14, E8, 5A, FF, FF, FF, 68, 00, 02, 00, 00, 8B, 2D, D0, 80, 40... 
[+]

Packer / compiler:

CreateInstall v2003.3.5

Code size:

8.5 KB (8,704 bytes)

The file [allshares.ge]counter strike 1.6 and condition zero 1.2 www.benze.tk.exe has been seen being distributed by the following 7 URLs.

http://www.bin.ge/getfilee.php?id=DA608F9D&access_key=ZTY5ZTU3ZmI0YWI3OTRjM2QwMjg0NTU3MmI4YjhmOGE1NGZkYTk1MDhhMTkyM2M1ODgyYzc1NDU4OWNhMzg0NDc2&captcha=373936

http://www.bin.ge/getfilee.php?id=DA608F9D&access_key=ZGI2MzFlNjI3NmI2NTU2ZTg4OGU1YjAyZTUyMDQ3N2RiZjczOGMyYzgyMmYwNGNmZjgxMWI4ZmE3YzA5MzE5MzQ3&captcha=333139

http://vlr.tynt.com/?format=txt&key=284d869ffe43382ebe88a02cabb697ab&u=http://files.tamashi.ge/games/Tamashebi.Net-cs1.6_cz1.2.exe&subId=w!kyp0ekdjaetd&txt= Counter Strike 1.6 & CS Zero&loc=http://tamashebi.net/srolebi/20-cs-16-counter-strike-16-cs-zero.html&ref=https://.../&title=Counter Strike 1.6 & CS Zero » Tamashebi.Net - ??????? ?????? ????? ?????? ????????????

http://www.bin.ge/getfilee.php?id=DA608F9D&access_key=ZTUwNDZhODNhOWEyOTYyNDRmYjA4N2NkZWUzNzk2YmI2NzA1NGM2OTE4ZWVlMGQ5YzNkZDUwNGZmNWNiODUwZDI0&captcha=313737

http://www.bin.ge/getfilee.php?id=F4C86982&access_key=ZDQxZDhjZDk4ZjAwYjIwNGU5ODAwOTk4ZWNmODQyN2UwNzY5YmVkOTdjY2ZjMWYyNGJhMzM3ZTJhZWE5MzU3MTEx&captcha=

http://files.tamashi.ge/.../Tamashebi.Net-cs1.6_cz1.2.exe

http://5.133.162.78/.../getfile.php?id=312689&access_key=3734d5d0dc5ee3ea76c5b4bf98c7f3b1&t=53c1be7b&o=7B79EA89245DD48E185B26ACD6F984AC6665F694765AD292115F77AED3E3EBE53230F6F05B41D68E1B47&name=Counter Strike 1.6 and Condition Zero 1.2 www.benze.tk.exe

Scan [allshares.ge]counter strike 1.6 and condition zero 1.2 www.benze.tk.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.