armymen rts trainer v9.exe

The executable armymen rts trainer v9.exe has been detected as malware by 22 anti-virus scanners. The file has been observed being downloaded from download1850.mediafire.com.
Version: 1.8.0.0

MD5: 7064ef82faef160f0337db81c1ab373d

SHA-1: 297ea6bf5586639e4539d61d0113b13831310dfa

Scanner detections: 22 / 68

Status: Malware

Analysis date: 11/23/2024 7:52:00 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Backdoor.Generic.825248 | 376 |
| Agnitum Outpost | HackTool.CheatEngine | 7.1.1 |
| Baidu Antivirus | Hacktool.Win32.CheatEngine | 4.0.3.16125 |
| Bitdefender | Backdoor.Generic.825248 | 1.0.20.125 |
| Bkav FE | W32.GenericMidgareB.Trojan | 1.3.0.6379 |
| Comodo Security | UnclassifiedMalware | 21485 |
| Emsisoft Anti-Malware | Backdoor.Generic.825248 | 8.16.01.25.08 |
| ESET NOD32 | Win32/HackTool.CheatEngine.AB potentially unsafe (variant) | 10.11355 |
| Fortinet FortiGate | Malware_fam.NB | 1/25/2016 |
| F-Prot | W32/Backdoor2.HKCC | v6.4.7.1.166 |
| F-Secure | Backdoor.Generic.825248 | 11.2016-25-01_2 |
| G Data | Backdoor.Generic.825248 | 16.1.25 |
| IKARUS anti.virus | Win32.Malware | t3scan.1.8.6.0 |
| K7 AntiVirus | Hacktool | 13.202.15335 |
| Malwarebytes | HackTool.GamesCheat.Gen | v2016.01.25.08 |
| McAfee | Generic.dx!7064EF82FAEF | 5600.6510 |
| MicroWorld eScan | Backdoor.Generic.825248 | 17.0.0.75 |
| Norman | Obfuscated.I | 11.20160125 |
| nProtect | Backdoor.Generic.825248 | 15.03.20.01 |
| Sophos | Generic PUA CJ | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-CheatEngine | 9364 |
| VIPRE Antivirus | Trojan.Win32.Delf.abt | 38628 |

File size: 709 KB (726,030 bytes)

Product version: 1.2

File type: Executable application (Win32 EXE)

Language: Dutch (Netherlands)

Common path: C:\Documents and Settings\{user}\My documents\downloads\armymen rts trainer v9.exe

File PE Metadata
Compilation timestamp: 6/20/1992 5:22:17 AM

OS version: 4.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 2.25

CTPH (ssdeep): 12288:KEDCJJDXb8qWvvMyesvleMkWzChpBT2Zh46b2SBOfV612Si4+NVT6qb7KtR3Xl:KmQGbvNvjkJPOh46b2SBOfV612Si4+3c

Entry address: 0x93A84

Entry point: 55, 8B, EC, 83, C4, F0, B8, FC, 37, 49, 00, E8, 50, 2A, F7, FF, A1, F0, 9D, 49, 00, 8B, 00, E8, 98, 58, FC, FF, A1, F0, 9D, 49, 00, 8B, 00, C6, 40, 5B, 00, 8B, 0D, FC, 9C, 49, 00, A1, F0, 9D, 49, 00, 8B, 00, 8B, 15, 94, 35, 49, 00, E8, 8D, 58, FC, FF, A1, F0, 9D, 49, 00, 8B, 00, E8, 01, 59, FC, FF, E8, 40, 07, F7, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy: 6.6533

Developed / compiled with: Microsoft Visual C++

Code size: 587 KB (601,088 bytes)

The file armymen rts trainer v9.exe has been seen being distributed by the following URL.
