» batla cheats.exe
Overview
Analysis
File Details
Network (1)

batla cheats.exe

The executable batla cheats.exe has been detected as malware by 19 anti-virus scanners. While running, it connects to the Internet address dev.ucoz.net on port 80 using the HTTP protocol.

File name:

batla cheats.exe

MD5:

ab904e62e34d2640b1ceb82ac785d76b

SHA-1:

1799965adaf8e0e2e91f88c9368fe5afc98269a2

SHA-256:

12eeb5916cfdc8aab7efc1f5d7a8ec4e1d5028f4b974983749377165f420f0ee

Scanner detections:

19 / 68

Status:

Malware

Analysis date:

11/23/2024 9:58:03 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.DR.Agent

7.1.1

avast!

Win32:Malware-gen

2014.9-160131

Baidu Antivirus

Trojan.Win32.Generic

4.0.3.16131

Bkav FE

HW32.Packed

1.3.0.7400

Comodo Security

Packed.Win32.Packer.~GEN

23949

Dr.Web

MULDROP.Trojan

9.0.1.031

IKARUS anti.virus

Trojan-Dropper.Agent

t3scan.1.9.5.0

Kaspersky

UDS:DangerousObject.Multi.Generic

14.0.0.731

McAfee

Artemis!AB904E62E34D

5600.6503

NANO AntiVirus

Trojan.Win32.Drop.dtpdxk

1.0.14.5380

Panda Antivirus

Trj/Chgt.O

16.01.31.04

Qihoo 360 Security

HEUR/QVM19.1.Malware.Gen

1.0.0.1077

Quick Heal

(Suspicious) - DNAScan

1.16.14.00

Rising Antivirus

PE:Malware.XPACK/RDM!5.1 [F]

23.00.65.16129

Sophos

Mal/Packer

4.98

Trend Micro

TROJ_GEN.R0C1C0EJV15

10.465.31

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

46396

ViRobot

Trojan.Win32.Z.Agent.597696[h]

2014.3.20.0

File size:

583.7 KB (597,696 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\batla cheats.exe

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

1.25

CTPH (ssdeep):

12288:s7p5jsjgYQ3LANzi0V+/QKNtsqm88n3o1Ubs3B1KXP3MpFzQu/75:sVmjgVLANWyKNJAY1+/Mn7/75

Entry address:

0x186080

Entry point:

40, 92, 90, 92, 92, 4A, 92, B8, 40, 60, 58, 00, 50, C3, BA, 40, 60, 58, 00, B8, EB, 03, FE, C3, 89, 02, 42, 42, 42, B8, C3, 8B, EB, 00, 89, 02, 4A, 4A, 4A, FF, D2, 94, 09, E8, 21, EB, D0, 06, 2B, 63, D5, 2E, E1, EB, 13, BE, 4C, 64, 17, E1, 10, D0, C8, 1D... 
[+]

Code size:

1.2 MB (1,256,960 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to dev.ucoz.net (195.216.243.114:80)

Remove batla cheats.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.