counter-strike 1.6-original.exe

The executable counter-strike 1.6-original.exe has been detected as malware by 11 anti-virus scanners. The file is infected by an entry-point obscuring polymorphic file infector that creates a peer-to-peer botnet and receives URLs of additional files to download. The file has been seen being downloaded from www.cybersports.lt.
MD5:
bb96a580c04a3927876915c57c0f5290

SHA-1:
648f914c37191cd48bb06115100bdc38cd262636

SHA-256:
491bbd39790b75e7a14f45daff14faf42f24fce3a72ce0fae5e425e99bc8cf9d

Scanner detections:
11 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
11/27/2024 10:43:36 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:SaliCode | 160518-2 |
| AVG | Win32/Sality | 2015.0.4568 |
| Dr.Web | Win32.Sector.30 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Sality | 11.5.0.6191 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.0.319.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| F-Secure | Win32.Sality.3 | 5.15.96 |
| Kaspersky | Virus.Win32.Sality | 15.0.0.562 |
| Microsoft Security Essentials | Threat.Undefined | 1.221.14.0 |
| Norman | Win32.Sality.3 | 19.05.2016 05:17:13 |
| VIPRE Antivirus | Threat.4721115 | 48914 |

File size:
208 KB (212,992 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
11/7/2013 1:09:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:pVVasFyv6hIkSihmbL5Bbu2eNd7cRpkt5TMGk1Pqi:fh0hImH5Bbu2EpcM5TKPqi

Entry address:
0x13FAC

Entry point:
B0, DB, 8D, 05, F6, 5A, 81, 2E, F3, F3, FE, CD, 88, F5, F7, C6, 5E, 8E, A7, 34, 0F, B6, C8, 0F, AF, C0, 43, 4E, FF, C8, E8, 32, 00, 00, 00, 8D, 0D, B8, F8, 19, 89, 20, EE, 81, F3, C5, 16, 49, 25, 88, FF, 11, C6, 04, 0E, 43, 4A, 6A, 00, 5D, 74, 02, 1C, 66, 33, E8, 0F, AF, CD, F2, C6, C4, F8, 2D, 5D, 5F, A0, 4D, 28, F5, 8D, 7D, 00, FE, C1, 0D, 28, E9, 58, 40, B0, 98, 0F, AF, EF, 0F, BE, EF, 88, F4, 8D, 0D, A3, 81, A1, 07, 81, EE, C8, CB, 02, 00, F2, 4D, 81, C6, 08, E1, 01, 00, 6A, 00, 5E, 46, 88, DD, F7, C5...

Entropy:
3.5376

Code size:
92 KB (94,208 bytes)

The file counter-strike 1.6-original.exe has been seen being distributed by the following URL.
