» Crossfire Accounts giveaway 2016-2017.exe
Overview
Analysis
File Details
Downloads (1)

Crossfire Accounts giveaway 2016-2017.exe

The executable Crossfire Accounts giveaway 2016-2017.exe has been detected as malware by 8 anti-virus scanners. This is a setup program which is used to install the application.

File name:

Version:

0.0.0.0

MD5:

a276b978f227d7b968d5dda815498919

SHA-1:

457b6beefa9c32884cf724ed9974c2c081314c5d

SHA-256:

825724dea8ba3aa7e7c8e4875576ca0dc027caa21b6e779d20a8d9e882c086e2

Scanner detections:

8 / 68

Status:

Malware

Analysis date:

11/28/2024 12:45:01 AM UTC (today)

Scan engine

Detection

Engine version

avast!

MSIL:Dropper-Q [Drp]

160518-2

Dr.Web

Trojan.PWS.Siggen.27583

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.MSILKrypt.11

16.07.09

ESET NOD32

MSIL/TrojanDropper.Agent.AST trojan

8.0.319.0

F-Prot

W32/MSIL-Habbo.A!Generic

4.6.5.141

F-Secure

Variant.MSILKrypt.11

5.15.96

Microsoft Security Essentials

Threat.Undefined

1.225.469.0

Norman

Gen:Variant.MSILKrypt.11

28.05.2016 15:32:18

File size:

2.2 MB (2,351,104 bytes)

Product version:

0.0.0.0

Original file name:

Crossfire Accounts giveaway 2016-2017.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\crossfire accounts giveaway 2016-2017.exe

File PE Metadata

Compilation timestamp:

7/7/2016 6:45:44 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

49152:YInmOtuGIFCd1El6fFOPjBvY0EUxxGAOXT:YInsFCEl6dd0lxxGAO

Entry address:

0x23C84E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.6412

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

2.2 MB (2,338,816 bytes)

The file Crossfire Accounts giveaway 2016-2017.exe has been seen being distributed by the following URL.

https://od.lk/.../MjNfMTkzNzkzM18

Remove Crossfire Accounts giveaway 2016-2017.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.