home

Crossfire Cheat 2016-2017.exe

The application Crossfire Cheat 2016-2017.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. This is a setup program which is used to install the application.
Version:
0.0.0.0

MD5:
c228e85f80df6fa65dec4aaf07565c53

SHA-1:
255cfc8aa598995d857355035fbfabc1585db482

SHA-256:
816f6fd92a88e08deb2245c9e0c20d087beec7cba1f2024fe2708ca2e7bfa793

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 2:00:21 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.MSILKrypt.11
210

AegisLab AV Signature
Troj.Dropper.MSIL.Agent.kYXF
2.1.4+

AhnLab V3 Security
Dropper/Win32.Agent.R154570
3.7.4.14

Avira AntiVirus
TR/Taranis.2564
8.3.3.4

Arcabit
Trojan.MSILKrypt.11
1.0.0.741

avast!
Win32:Ardamax-RO [PUP]
2014.9-160709

AVG
Dropper.Generic
2017.0.2688

Baidu Antivirus
Win32.Trojan.WisdomEyes.151026.9950
4.0.3.1679

Bitdefender
Gen:Variant.MSILKrypt.11
1.0.20.955

Comodo Security
TrojWare.MSIL.TrojanDropper.Agent.~Ajv
25380

Dr.Web
Trojan.PWS.Siggen.27583
9.0.1.0191

Emsisoft Anti-Malware
Gen:Variant.MSILKrypt.11
8.16.07.09.09

ESET NOD32
MSIL/TrojanDropper.Agent.AST (variant)
10.13744

Fortinet FortiGate
MSIL/Dropper.JV!tr
7/9/2016

F-Prot
W32/MSIL-Habbo.A!Generic
v6.4.7.1.166

F-Secure
Gen:Variant.MSILKrypt.11
11.2016-09-07_7

G Data
Gen:Variant.MSILKrypt.11
16.7.25

IKARUS anti.virus
Virus.Win32.Prorat
t3scan.2.1.6.0

K7 AntiVirus
Trojan
13.231.20117

Kaspersky
not-a-virus:HEUR:Monitor.Win32.Ardamax
14.0.0.-67

Malwarebytes
Backdoor.IRCBot.OLGen
v2016.07.09.09

Microsoft Security Essentials
TrojanDropper:MSIL/Habbo.A
1.1.12902.0

MicroWorld eScan
Gen:Variant.MSILKrypt.11
17.0.0.573

NANO AntiVirus
Trojan.Win32.Zapchast.dcmmdd
1.0.38.8984

Qihoo 360 Security
QVM03.0.Malware.Gen
1.0.0.1120

Total Defense
Win32/MultiDropper.QQ
37.1.62.1

VIPRE Antivirus
Trojan-Dropper.Win32.Habbo.a
50570

File size:
2.2 MB (2,351,104 bytes)

Product version:
0.0.0.0

Original file name:
Crossfire Cheat 2016-2017.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\crossfire cheat 2016-2017.exe

File PE Metadata
Compilation timestamp:
7/3/2016 12:50:00 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:W279DFisR+ZrzXDu6edc9NRAh2tIlTwVKT:NOsCLDu6HhAQtIls

Entry address:
0x23C82E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.6257

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.2 MB (2,338,816 bytes)

The file Crossfire Cheat 2016-2017.exe has been seen being distributed by the following URL.

https://od.lk/.../MjNfMTkzMTM5NV8

Remove Crossfire Cheat 2016-2017.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.