home

Cf2012cheat2013.exe

Cf2012cheat2013

RjjCheats

This is a setup program which is used to install the application. The file has been seen being downloaded from download891.mediafire.com.
Publisher:
RjjCheats

Product:
Cf2012cheat2013

Version:
1.00

MD5:
cd94002b92b9667cf56a4e77f166710b

SHA-1:
ae6f939bbd18fba4b5da001515aeb2cdabf98ef8

SHA-256:
7cd30b8189044c1e251e3a2fcc1cc6609c41283e51ca3d830cf78dab0a1a2453

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 10:53:30 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6379

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Quick Heal
(Suspicious) - DNAScan
2.16.14.00

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.16217

Trend Micro House Call
Suspicious_GEN.F47V0413
7.2.50

File size:
356 KB (364,544 bytes)

Product version:
1.00

Original file name:
Cf2012cheat2013.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\cf2012cheat2013.exe

File PE Metadata
Compilation timestamp:
10/8/2012 5:18:40 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:oaMYQCW/q/WGlDeZB9lUavirssTpI4XeHGVzxu+Fg8ztukSTNba:DZA6tlyZeugssTKgxuB0YNm

Entry address:
0x14D8

Entry point:
68, 88, 81, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 82, 0E, D9, CE, 51, D3, 81, 43, 87, 77, 21, 85, 5A, 75, 87, BA, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 43, 66, 32, 30, 31, 32, 63, 68, 65, 61, 74, 32, 30, 31, 33, 00, 00, 00, 00, 00, FF, CC, 31, 00, 12, 6E, FC, A9, 53, 1E, 8D, 26, 4A, BE, 47, 08, D7, A3, 64, E0, AF, 1B, 89, B6, 7E, C0, 44, 71, 47, 85, 2F, 57, 64, 60, 69, 9A, E0, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
7.6078

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
324 KB (331,776 bytes)

The file Cf2012cheat2013.exe has been seen being distributed by the following URL.

http://download891.mediafire.com/u08ot05jc4yg/.../Cf2012cheat2013.exe

Scan Cf2012cheat2013.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.