» counter-strike source.exe
Overview
Analysis
File Details
Downloads (1)

counter-strike source.exe

The executable counter-strike source.exe has been detected as malware by 26 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc372.4shared.com.

File name:

Version:

1. 0. 0. 0

MD5:

10b5681507fa08ad6a71e9d409990547

SHA-1:

bfa3267d7cc97a8e4fbc9f0165a0abe9692a44c1

SHA-256:

b63f232b9631a96aafdf4b258f3714914510e6a3c3417a6aec24ebaff10587ba

Scanner detections:

26 / 68

Status:

Malware

Analysis date:

11/5/2024 11:48:38 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.3586680

406

AegisLab AV Signature

Troj.Magania

2.1.4+

Agnitum Outpost

Trojan.Gendal

7.1.1

Avira AntiVirus

TR/Gendal.149606

8.3.2.4

AVG

Generic3_c

2016.0.2884

Bitdefender

Trojan.Generic.3586680

1.0.20.1800

Clam AntiVirus

Win.Trojan.Agent-950057

0.98/21511

Comodo Security

UnclassifiedMalware

23674

Emsisoft Anti-Malware

Trojan.Generic.3586680

8.15.12.26.09

Fortinet FortiGate

W32/Dx.A!tr

12/26/2015

F-Prot

W32/MalwareF.LNQE

v6.4.7.1.166

F-Secure

Trojan.Generic.3586680

11.2015-26-12_7

G Data

Trojan.Generic.3586680

15.12.25

IKARUS anti.virus

Trojan.Win32.Orsam

t3scan.1.9.5.0

McAfee

Artemis!10B5681507FA

5600.6540

Microsoft Security Essentials

Trojan:Win32/Orsam!rts

1.1.12300.0

MicroWorld eScan

Trojan.Generic.3586680

16.0.0.1080

NANO AntiVirus

Trojan.Win32.Gendal.drkmjx

0.30.26.4751

nProtect

Trojan/W32.Agent.149606

15.11.27.01

Panda Antivirus

Trj/CI.A

15.12.26.09

Qihoo 360 Security

Win32/Trojan.a43

1.0.0.1077

Quick Heal

Trojan.Orsam.r8

12.15.14.00

Sophos

Mal/Generic-S

4.98

Trend Micro

TROJ_GEN.R0C1C0DKL15

10.465.26

VIPRE Antivirus

Trojan.Win32.Generic

45484

ViRobot

Trojan.Win32.S.Agent.149606[h]

2014.3.20.0

File size:

146.1 KB (149,606 bytes)

Product version:

0.0.0.0

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\cs source\counter-strike source.exe

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

3072:ePQt3aMxzd3o9fUPHC56IXsLkce6p23CskJXljt/wOl2Rkykj2bIFIyU:ePhaCEHpMGljt/RYkyjbIM

Entry address:

0x18E94

Entry point:

55, 8B, EC, B9, 09, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, C4, 8D, 41, 00, E8, E3, D0, FE, FF, 33, C0, 55, 68, D4, 93, 41, 00, 64, FF, 30, 64, 89, 20, 33, C9, B2, 01, A1, 38, 6E, 41, 00, E8, 17, E1, FF, FF, A3, F8, E8, 41, 00, A1, F8, E8, 41, 00, C6, 40, 30, 01, A1, F8, E8, 41, 00, C6, 40, 31, 01, A1, F8, E8, 41, 00, 83, C0, 32, BA, EC, 93, 41, 00, E8, D2, B3, FE, FF, B2, 01, A1, 18, 0C, 41, 00, E8, 0E, A6, FE, FF, A3, 00, E9, 41, 00, B2, 01, A1, 18, 0C, 41, 00, E8, FD, A5, FE, FF, A3... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

97.5 KB (99,840 bytes)

The file counter-strike source.exe has been seen being distributed by the following URL.

http://dc372.4shared.com/download/.../Counter-Strike_Source.exe

Remove counter-strike source.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.