call of duty hack 2014.exe

The application call of duty hack 2014.exe has been detected as a potentially unwanted program by 34 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from download651.mediafire.com and multiple other hosts.
MD5:
2653d796111fc93418c3d9919ac0d8cc

SHA-1:
48fdced5e5e97c1be45c57e0d1415299f38da339

SHA-256:
e9f909ec84a466d9f55ea1fcedc3cb89f34e62b2778a3de9ba2de28444469113

Scanner detections:
34 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
11/23/2024 9:41:05 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.Outbrowse.F
377

Agnitum Outpost
PUA.OutBrowse
7.1.1

AhnLab V3 Security
PUP/Win32.OutBrowse
2015.10.27

Avira AntiVirus
PUA/Outbrowse.Gen
8.3.2.2

Arcabit
Application.Bundler.Outbrowse.F
1.0.0.585

avast!
Win32:PUP-gen [PUP]
2014.9-160124

AVG
Downloader
2017.0.2855

Baidu Antivirus
PUA.Win32.OutBrowse
4.0.3.16124

Bitdefender
Application.Bundler.Outbrowse.F
1.0.20.120

Clam AntiVirus
Win.Adware.OutBrowse-4
0.98/21511

Comodo Security
Application.Win32.OutBrowse.~A
23478

Dr.Web
Trojan.DownLoader12.42440
9.0.1.024

ESET NOD32
Win32/OutBrowse.D potentially unwanted (variant)
10.12468

Fortinet FortiGate
Riskware/NSIS_OutBrowse
1/24/2016

F-Prot
W32/OutBrowse.A
v6.4.7.1.166

F-Secure
Application.Bundler.Outbrowse
11.2016-24-01_1

G Data
Application.Bundler.Outbrowse
16.1.25

K7 AntiVirus
Trojan
13.212.17655

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse
14.0.0.768

Malwarebytes
PUP.Optional.OutBrowse
v2016.01.24.09

McAfee
Generic PUP
5600.6511

Microsoft Security Essentials
SoftwareBundler:Win32/OutBrowse
1.1.12205.0

MicroWorld eScan
Application.Bundler.Outbrowse.F
17.0.0.72

NANO AntiVirus
Trojan.Win32.OutBrowse.cvyscp
0.30.26.3947

Panda Antivirus
Trj/NsisDownloader.A
16.01.24.09

Qihoo 360 Security
Win32/Virus.Downloader.ad6
1.0.0.1015

Quick Heal
TrojanDownloader.NSIS.OutBrow
1.16.14.00

Reason Heuristics
PUP.OutBrowse (M)
16.1.24.9

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F]
23.00.65.16122

Sophos
OutBrowse (PUA)
4.98

SUPERAntiSpyware
Adware.OutBrowse/Variant
9366

Total Defense
Win32/Tnega.VHaZTKB
37.1.62.1

Vba32 AntiVirus
Downloader.OutBrowse
3.12.26.4

VIPRE Antivirus
OutBrowse
44834

File size:
616 KB (630,762 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\call of duty hack 2014.exe

File PE Metadata
Compilation timestamp:
12/5/2009 10:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:P0FyhCfsMntd1zdwVWyK1EzotWlj+kzVX0xp+lHTNo5uLMxHeXAkepYsq4K:P0yhCfsMtpwof1EzotWln3M6VXopa4K

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file call of duty hack 2014.exe has been seen being distributed by the following 2 URLs.

Remove call of duty hack 2014.exe - Powered by Reason Core Security