» counter-strike global offensive.exe
Overview
Analysis
File Details
Network (7)

counter-strike global offensive.exe

The executable counter-strike global offensive.exe has been detected as malware by 9 anti-virus scanners. While running, it connects to the Internet address dev.ucoz.net on port 80 using the HTTP protocol.

File name:

MD5:

219c9cb02bf4cd60fdb0acc1b8b16649

SHA-1:

c617b49ec4d0eeaf07fcc2f6b41e2635c7d8a9dd

SHA-256:

212c113ce518730394441a3a309cc3b5ec7bc14a3e0ee26a9d25f72e0b15b3cb

Scanner detections:

9 / 68

Status:

Malware

Analysis date:

11/23/2024 5:01:11 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.3058180

346

Arcabit

Trojan.Generic.D2EAA04

1.0.0.656

Bitdefender

Trojan.GenericKD.3058180

1.0.20.275

Emsisoft Anti-Malware

Trojan.GenericKD.3058180

8.16.02.24.09

F-Secure

Trojan.GenericKD.3058180

11.2016-24-02_4

G Data

Trojan.GenericKD.3058180

16.2.25

McAfee

Artemis!219C9CB02BF4

5600.6480

MicroWorld eScan

Trojan.GenericKD.3058180

17.0.0.165

nProtect

Trojan.GenericKD.3058180

16.02.22.01

File size:

1.3 MB (1,346,560 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\counter-strike global offensive\counter-strike global offensive.exe

File PE Metadata

Compilation timestamp:

9/20/2010 4:19:12 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:GDYoP1JgW1tQ2IXUFTBVx2S8lsdu1Hy+mWdyYoltCCiTl0nI8QJiCsnibY9fJs:GkUQIF2AaHTn8Q8Nni4

Entry address:

0xCDD08

Entry point:

55, 8B, EC, 83, C4, F0, 53, 56, 57, B8, 4C, BE, 4C, 00, E8, 65, 95, F3, FF, 33, C0, 55, 68, EA, DD, 4C, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, BB, DD, 4C, 00, 64, FF, 30, 64, 89, 20, A1, 70, 50, 4D, 00, 8B, 00, E8, E1, A6, F9, FF, A1, 70, 50, 4D, 00, 8B, 00, BA, 04, DE, 4C, 00, E8, 88, A1, F9, FF, A1, 70, 50, 4D, 00, 8B, 00, BA, 04, DE, 4C, 00, E8, C7, B2, F9, FF, E8, 66, B2, FA, FF, 84, C0, 75, 43, E8, FD, AF, FA, FF, 83, 78, 08, 00, 74, 14, E8, F2, AF, FA, FF, 8B, 50, 08, A1, 70, 50, 4D, 00, 8B, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

817 KB (836,608 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to dev.ucoz.net (193.109.246.54:80)

TCP (HTTP):

Connects to Host-46-174-53-234.rs-media.ru (46.174.53.234:80)

TCP (HTTP SSL):

Connects to mc.yandex.ru (213.180.193.119:443)

TCP (HTTP):

Connects to ip-172-26-136-19.ec2.internal (172.26.136.19:80)

Remove counter-strike global offensive.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.