home

bf2 key.exe

EA Games Generic Multi Keygen

Fighting For Fun

The executable bf2 key.exe, “193 Keygens for EA Games” has been detected as malware by 10 anti-virus scanners. This is a setup program which is used to install the application. Infected by an entry-point obscuring polymorphic file infector which will create a peer-to-peer botnet and receives URLs of additional files to download. The file has been seen being downloaded from dc260.4shared.com.
Publisher:
Fighting For Fun

Product:
EA Games Generic Multi Keygen

Description:
193 Keygens for EA Games

Version:
2, 5, 1, 193

MD5:
1e56ae75bd820b60aab52920223eb7ff

SHA-1:
8122a7320d018517c521b1e353c37d8e587e29a8

SHA-256:
b98bc978c17f8ce0acd783b4fc8ed344cbcc06cc320c55f0a6dce1ef24bb55d9

Scanner detections:
10 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
11/5/2024 1:51:42 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SaliCode
160216-0

AVG
Win32/Sality
2015.0.4530

Dr.Web
Win32.Sector.30
9.0.1.05190

ESET NOD32
Win32/Sality.NBA virus
7.0.302.0

F-Prot
W32/Sality.gen2
4.6.5.141

Kaspersky
Virus.Win32.Sality
15.0.0.562

McAfee
Virus.W32/Sality.gen.z
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.215.1444.0

Norman
Win32.Sality.3
29.02.2016 03:11:57

VIPRE Antivirus
Threat.4721115
29708

File size:
229 KB (234,496 bytes)

Product version:
2, 5, 1, 193

Copyright:
Copyright (c) 2003-2009 Fighting For Fun

Original file name:
fff-ea193.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\bf2 key.exe

File PE Metadata
Compilation timestamp:
2/19/2009 2:59:00 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:d0/WbW2qA+OWcYx0nHO9aRbCtgTSMjysGMFIo0PTgafkE/p0eyD1ozKz4TPG+K99:d0/uRLWi3RceSleJ0n0uzKzAPISX4uLW

Entry address:
0x22FD4

Entry point:
69, F0, 6C, 4F, F7, DC, 89, FD, 35, 01, 78, 50, 76, 49, F3, 86, DC, 8D, 0D, A1, 39, E5, 98, FF, C8, B3, 49, 69, CB, DF, 1F, A2, 24, 19, F5, F7, C1, BF, FD, D5, 1C, 85, C6, FF, C9, F6, C1, 29, 0F, BF, CF, 8D, 0D, E4, 5C, AE, 34, F7, C5, 5B, D8, AA, A6, 6A, 00, 59, 33, C8, 51, 5F, F2, 8B, EF, F3, 89, CF, 8B, DD, B9, 39, AF, C0, 9C, C6, C5, 13, 8D, 33, 70, 02, 10, ED, FF, C3, 8B, C6, C7, C1, CB, E0, 1C, ED, F3, 2B, D0, 38, E7, 8B, DB, 69, F7, 8A, 16, 63, 25, 0F, BE, F4, 69, D7, A7, 37, 1B, D5, 89, F6, C7, C6...
 
[+]

The file bf2 key.exe has been seen being distributed by the following URL.

http://dc260.4shared.com/download/.../bf2_key.exe

Remove bf2 key.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.