counter strike 1.6.exe

The executable counter strike 1.6.exe has been detected as malware by 8 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.indirbir.com.
Version:
1.0.0.0

MD5:
28ea09804b4784f6e347a09200e5e9c0

SHA-1:
db42f7dad813c3e7b3d23a683d658a3fb3050c82

SHA-256:
823fde2943c1738c49878199646a2af52b107597250cc7b8781024871f255080

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
12/27/2024 2:43:28 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Symmi.38317
1073

avast!
Win32:Dropper-gen [Drp]
2014.9-140226

Bitdefender
Gen:Variant.Symmi.38317
1.0.20.285

Emsisoft Anti-Malware
Gen:Variant.Symmi.38317
8.14.02.26.11

F-Secure
Gen:Variant.Symmi.38317
11.2014-26-02_4

G Data
Gen:Variant.Symmi.38317
14.2.24

McAfee
Artemis!28EA09804B47
5600.7207

MicroWorld eScan
Gen:Variant.Symmi.38317
15.0.0.171

File size:
5.6 MB (5,831,235 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\counter strike 1.6.exe

File PE Metadata
Compilation timestamp:
11/24/2013 1:33:46 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:Isud2rCIkBC09p0Sbm21O292WFoLgd3XAvvNL5tQ8GKJabhKAFSQ99TdDMHooVtZ:T/CIkBF923NL5O8GKJabhKAFSQGx7hX

Entry address:
0x3FF844

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 7C, 1E, 7F, 00, E8, 6F, EB, C0, FF, 8B, 1D, F4, C5, 80, 00, 8B, 03, E8, 2A, FB, DE, FF, 8B, 03, B2, 01, E8, 6D, 18, DF, FF, 8B, 0D, 80, C2, 80, 00, 8B, 03, 8B, 15, 30, 02, 7F, 00, E8, 26, FB, DE, FF, 8B, 0D, 84, C5, 80, 00, 8B, 03, 8B, 15, F4, B8, 7E, 00, E8, 13, FB, DE, FF, 8B, 0D, 30, BD, 80, 00, 8B, 03, 8B, 15, B0, F4, 7E, 00, E8, 00, FB, DE, FF, 8B, 0D, D0, BD, 80, 00, 8B, 03, 8B, 15, F0, E8, 7E, 00, E8, ED, FA, DE, FF, 8B, 0D, E0, C9, 80, 00, 8B, 03, 8B, 15, 04, D9, 7E...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
4 MB (4,186,624 bytes)

The file counter strike 1.6.exe has been seen being distributed by the following URL.

Remove counter strike 1.6.exe - Powered by Reason Core Security