counter-strike source.exe

The executable counter-strike source.exe has been detected as malware by 26 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc372.4shared.com.
Version:
1. 0. 0. 0

MD5:
10b5681507fa08ad6a71e9d409990547

SHA-1:
bfa3267d7cc97a8e4fbc9f0165a0abe9692a44c1

SHA-256:
b63f232b9631a96aafdf4b258f3714914510e6a3c3417a6aec24ebaff10587ba

Scanner detections:
26 / 68

Status:
Malware

Analysis date:
12/26/2024 5:35:05 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.3586680
406

AegisLab AV Signature
Troj.Magania
2.1.4+

Agnitum Outpost
Trojan.Gendal
7.1.1

Avira AntiVirus
TR/Gendal.149606
8.3.2.4

AVG
Generic3_c
2016.0.2884

Bitdefender
Trojan.Generic.3586680
1.0.20.1800

Clam AntiVirus
Win.Trojan.Agent-950057
0.98/21511

Comodo Security
UnclassifiedMalware
23674

Emsisoft Anti-Malware
Trojan.Generic.3586680
8.15.12.26.09

Fortinet FortiGate
W32/Dx.A!tr
12/26/2015

F-Prot
W32/MalwareF.LNQE
v6.4.7.1.166

F-Secure
Trojan.Generic.3586680
11.2015-26-12_7

G Data
Trojan.Generic.3586680
15.12.25

IKARUS anti.virus
Trojan.Win32.Orsam
t3scan.1.9.5.0

McAfee
Artemis!10B5681507FA
5600.6540

Microsoft Security Essentials
Trojan:Win32/Orsam!rts
1.1.12300.0

MicroWorld eScan
Trojan.Generic.3586680
16.0.0.1080

NANO AntiVirus
Trojan.Win32.Gendal.drkmjx
0.30.26.4751

nProtect
Trojan/W32.Agent.149606
15.11.27.01

Panda Antivirus
Trj/CI.A
15.12.26.09

Qihoo 360 Security
Win32/Trojan.a43
1.0.0.1077

Quick Heal
Trojan.Orsam.r8
12.15.14.00

Sophos
Mal/Generic-S
4.98

Trend Micro
TROJ_GEN.R0C1C0DKL15
10.465.26

VIPRE Antivirus
Trojan.Win32.Generic
45484

ViRobot
Trojan.Win32.S.Agent.149606[h]
2014.3.20.0

File size:
146.1 KB (149,606 bytes)

Product version:
0.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\cs source\counter-strike source.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:ePQt3aMxzd3o9fUPHC56IXsLkce6p23CskJXljt/wOl2Rkykj2bIFIyU:ePhaCEHpMGljt/RYkyjbIM

Entry address:
0x18E94

Entry point:
55, 8B, EC, B9, 09, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, C4, 8D, 41, 00, E8, E3, D0, FE, FF, 33, C0, 55, 68, D4, 93, 41, 00, 64, FF, 30, 64, 89, 20, 33, C9, B2, 01, A1, 38, 6E, 41, 00, E8, 17, E1, FF, FF, A3, F8, E8, 41, 00, A1, F8, E8, 41, 00, C6, 40, 30, 01, A1, F8, E8, 41, 00, C6, 40, 31, 01, A1, F8, E8, 41, 00, 83, C0, 32, BA, EC, 93, 41, 00, E8, D2, B3, FE, FF, B2, 01, A1, 18, 0C, 41, 00, E8, 0E, A6, FE, FF, A3, 00, E9, 41, 00, B2, 01, A1, 18, 0C, 41, 00, E8, FD, A5, FE, FF, A3...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
97.5 KB (99,840 bytes)

The file counter-strike source.exe has been seen being distributed by the following URL.

Remove counter-strike source.exe - Powered by Reason Core Security