» css34.exe
Overview
Analysis
File Details
Downloads (17)

css34.exe

GM-BOOST.RU

This is a self-extracting archive and installer. The file has been seen being downloaded from s42e.storage.yandex.net and multiple other hosts.

File name:

css34.exe

Publisher:

GM-BOOST.RU

Description:

Counter-Strike Source v34 2016 Installation

Version:

2016

MD5:

1e575aca065540f5361a2c1c292e0bcb

SHA-1:

25d5ecbb99d88d2db62671f15368232aa480fa51

SHA-256:

9f329792b20cb76c130a7381ffaebefc61d766cf1ffb287499f592652107a3fa

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/5/2024 7:37:33 AM UTC (today)

File size:

1.4 GB (1,533,454,996 bytes)

GM-BOOST.RU

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

25165824:JLXl6r70ixZiwaOrLQPe//vihrBHT1WcdqRWlHhymkWxqIjgFChy:JL14TZiMIGqhVHNdqRGktIjgEhy

Entry address:

0x25468

Entry point:

55, 8B, EC, 83, C4, F0, B8, 88, 53, 42, 00, E8, 24, F2, FD, FF, B8, C8, 54, 42, 00, E8, 2A, 1C, FE, FF, 8B, 15, 40, 88, 42, 00, 89, 02, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, 48, 88, 42, 00, E8, E4, D3, FF, FF, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, DC, 87, 42, 00, E8, 7A, 64, FF, FF, A1, 40, 88, 42, 00, E8, AC, 4E, FE, FF, E8, DF, E0, FD, FF, 00, 00, 00, FF, FF, FF, FF, 01, 00, 00, 00, 2A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

145.5 KB (148,992 bytes)

The file css34.exe has been seen being distributed by the following 17 URLs.

https://s42e.storage.yandex.net/rdisk/4dedfe3ee1a736c31b8e151175c5b5aa721ebc273176f5e07e9a16515b0ba491/586bc0f9/Imzshz17p3Dm--98GckAovyIx7XgC8BGFzkZvc7Yx2MFRI7ow9jc3nZy4h_Ft21PlSM90IibVvxxL3QoOD8aiA==?uid=440915608&filename=css34.exe&disposition=attachment&hash=&limit=0&content_type=application/x-msdownload&fsize=1533454996&hid=b887f8d051b56349f23c683487dc534b&media_type=executable&tknv=v2&etag=1e575aca065540f5361a2c1c292e0bcb&rtoken=uqvWCpF3HJe1&force_default=yes&ycrid=na-ddd2a4cb7dc712da1a65feff396eac4a-downloader5d&ts=5453231477040&s=e5da438626746fa17a8d0a7c16737b8c26629f9a18133cc741b00475e5d1d006&bp=/2/.../data-0.5:33055596717:1533454996&pb=U2FsdGVkX18cowShh3SVjHe0w93ANTUGOPiaW-TsEAo-YiRlWlavZzZyJhiEbpyOcHd0J8zk_c0P5I3OOcEP_s0fOC1Kn1sOLF1whs6AWZA=

https://docs.google.com/uc?export=download&confirm=W9ZI&id=0BzFWl9EDFndqSWtOWWl3TTFTbTQ

https://docs.google.com/uc?export=download&confirm=xVL9&id=0BzFWl9EDFndqSWtOWWl3TTFTbTQ

https://docs.google.com/uc?export=download&confirm=fOwf&id=0BzFWl9EDFndqSWtOWWl3TTFTbTQ

https://docs.google.com/uc?export=download&confirm=NBK5&id=0BzFWl9EDFndqSWtOWWl3TTFTbTQ

https://downloader.disk.yandex.ua/disk/b458e307f4c44c4e4de0e9f636244f14cc0f72822bc1fba3d138dc49522ea8e8/58518f3f/.../x-msdownload&fsize=1533454996&hid=b887f8d051b56349f23c683487dc534b&media_type=executable&tknv=v2&etag=1e575aca065540f5361a2c1c292e0bcb

https://docs.google.com/uc?export=download&confirm=hEnv&id=0BzFWl9EDFndqSWtOWWl3TTFTbTQ

https://cloclo19.cldmail.ru/au7vGoXF4qWC1k6vDDa/G/.../xmiGmz1kq?key=dd1cde636c8537d67f9b08398696052f3a8118b3

https://docs.google.com/uc?export=download&confirm=xwAA&id=0BzFWl9EDFndqSWtOWWl3TTFTbTQ

https://docs.google.com/uc?export=download&confirm=XYeT&id=0BzFWl9EDFndqSWtOWWl3TTFTbTQ

temp:css34.exe

https://downloader.disk.yandex.ru/disk/4cb96f8da890b04b1e3a97fb2797ddb54a1378899ba8a5a7ca60bc87c8f3a25a/575017a0/.../x-msdownload&fsize=1533454996&hid=b887f8d051b56349f23c683487dc534b&media_type=executable&tknv=v2&etag=1e575aca065540f5361a2c1c292e0bcb

https://cloclo30.cldmail.ru/21TBzxuMsaad6rHfnk7G/G/.../xmiGmz1kq?key=8b3d8e98ac7849bee86f5ce2113d1e5e0b89f01c

https://docs.google.com/uc?export=download&confirm=o_-W&id=0BzFWl9EDFndqSWtOWWl3TTFTbTQ

https://downloader.disk.yandex.ru/disk/f5a70db82c9101376baed32dc0ceb299b19c7242f856909555d0ec936f3076e6/56d1007f/.../x-msdownload&fsize=1533454996&hid=b887f8d051b56349f23c683487dc534b&media_type=executable&tknv=v2&etag=1e575aca065540f5361a2c1c292e0bcb

https://downloader.disk.yandex.ru/disk/cc9bdd60fb129bb91cfcb64d95520f09ea8f0a2ef7b7f6c90b2281351b2f0c82/56cb1d02/.../x-msdownload&fsize=1533454996&hid=b887f8d051b56349f23c683487dc534b&media_type=executable&tknv=v2&etag=1e575aca065540f5361a2c1c292e0bcb

https://cloclo14.cldmail.ru/MHi6ujvMbQnwXAmG5qF/G/.../xmiGmz1kq?key=880da0e0e0cd0349648d7658f295f9a160a4ba51

Scan css34.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.