fifa-14---autobuyer.exe

FIFA 14 - Autobuyer

The executable fifa-14---autobuyer.exe has been detected as malware by 4 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.file-upload.net.
Product:
FIFA 14 - Autobuyer

Version:
1.0.0.0

MD5:
8ec47573a736ddf10a71d3f4f5ba7afc

SHA-1:
796b449e2b971f552240b64f203c38f4554645fd

SHA-256:
bc0baec5ba21d2f1f3fe44f6a4d545aefe71733e500689fdf3542acc57103ad1

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/23/2024 2:44:37 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | TR/Spy.Gen | 7.11.139.26 |
| AVG | PSW.OnlineGames4 | 2017.0.2669 |
| ESET NOD32 | MSIL/PSW.OnLineGames.TG | 10.9600 |
| Sophos | Mal/Generic-S | 4.98 |

File size:
197 KB (201,728 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
FIFA 14 - Autobuyer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\fifa-14---autobuyer.exe

File PE Metadata
Compilation timestamp:
2/15/2014 1:50:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:z1nzEcOmtewvlu2x5DmGalY8Qaf5g41iRUS:tOmTPEdy

Entry address:
0x31F7E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
192 KB (196,608 bytes)

The file fifa-14---autobuyer.exe has been seen being distributed by the following URL.
