checkers-7.exe

Checkers - 7

Style-7

The executable checkers-7.exe (“Checkers - 7 Setup”) has been detected as malware by 6 anti-virus scanners. The program is a setup application built with the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file is infected by an entry-point-obscuring polymorphic file infector that creates a peer-to-peer botnet and receives URLs of additional files to download. The file has been seen being downloaded from www.styleseven.com.
Publisher:
Style-7

Product:
Checkers - 7

Description:
Checkers - 7 Setup

MD5:
ca6357a12b45619d81b9f8abf6a1e318

SHA-1:
b616e6c18a4267694acf739860c06a8e68e40c7b

SHA-256:
fa25053722cfcbebfc42c429de1691f2c104134136e3ae7115d4266269c8e744

Scanner detections:
6 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
12/28/2024 12:47:25 AM UTC

Scan engine | Detection | Engine version
avast! | Win32:SaliCode | 160518-2
AVG | Win32/Sality | 2015.0.4604
Emsisoft Anti-Malware | Win32.Sality | 16.07.16
ESET NOD32 | Win32/Sality.NBA virus | 7.0.302.0
F-Prot | W32/Sality.gen2 | 4.6.5.141
Norman | Win32.Sality.3 | 28.05.2016 13:03:37

File size:
2.6 MB (2,764,301 bytes)

Copyright:
© 2008-2011 Style-7. All righits are reserved.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\documents and settings\administrateur\mes documents\downloads\checkers-7.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:MaNcLmn+nwwNQEzXEp3MwyQCuEbbFn863xC/e4pwWy4qpzkJ+XqEbvET6++Ivexb:hD+nwwN9M3MaEbt3L4h0zJXqoET6g8

Entry address:
0x9C40

Entry point:
0B, F3, 0F, C9, F7, DB, F7, D7, 8B, D5, 72, 06, B9, 05, 13, 37, EE, 4E, 68, 60, BE, 25, 00, 88, FC, 3C, CA, E8, 11, 00, 00, 00, 81, E0, C1, 9E, 64, 5F, 2D, D6, AB, 87, C1, 81, FF, 0D, E0, 00, 00, B3, 25, 31, FD, 81, FA, 0C, 8D, 00, 00, 5B, 87, C8, 08, C0, 52, 3B, D3, 71, 02, FF, C2, 59, 8D, 35, 64, 4C, AF, 26, 8B, F9, 84, D1, 0F, 6E, C3, 42, 3A, D0, B9, 83, B3, 49, 0B, 81, FD, FB, DA, 00, 00, 76, 04, 42, 0F, B7, EE, FE, CD, F6, DB, 8B, E8, F7, C0, A3, EF, B5, 3B, BB, 52, 76, 08, 00, 8D, 3D, BE, 72, E7, 23...
Code size:
37 KB (37,888 bytes)

The file checkers-7.exe has been seen being distributed by the following URL.
