» garrys mod non steam__16874_il160273.exe.gz
Overview
Analysis
File Details
Downloads (7)

garrys mod non steam__16874_il160273.exe.gz

The file garrys mod non steam__16874_il160273.exe.gz has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from www.nvmzvxag7perxtume.info and multiple other hosts.

File name:

MD5:

1f13581e40e6372e07372c7009890114

SHA-1:

dcc5d6b2ed89bc67cc57e0107b9206d1f09e05a3

SHA-256:

e9f828225ecbf7d98ce0df77715416425d0a53a7bb669f435f4aaab765f9c897

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/16/2024 12:26:20 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Amonetize.Meta (M)

16.6.23.0

File size:

589.3 KB (603,433 bytes)

Common path:

C:\users\{user}\downloads\garrys mod non steam__16874_il160273.exe.gz

The file garrys mod non steam__16874_il160273.exe.gz has been seen being distributed by the following 7 URLs.

http://www.nvmzvxag7perxtume.info/randownload.php?HdeTSyXBhZPgpYZX1IdndGb31CBjU CTEmVW5wV1JyIws9JAEidSIMODZfLCtZZwYgDmYcMS86JSAjVyoAEUEVFjFuLiAgLB0tETglEj8cKxAGDhUWLWoGHiwjNT4VOiYOHVUrPjhIFBY NgYgBiAdPTNxJxl5DioACRQUFgQxER4JPgoUATUxIBFUK2ckARcWKS8FMDQjHxMROiUzfBwrDCRMAXAlaRIOAmUJPQk6Jw4GDioAERQCKC4wBQ4kIwktEikmNxlXPz4eSRU1VWduBRUkPRg1J1UcIQgAciBIZSNROHEBAGRkHWF6XmwqUlAyNkFrcV5uLQUAMjJJbnUKa34CVmxgHW9kHGt1VVFhY0hpdlFpfA==

http://www.striker5field.info/?vn=1.1.5.55&campid=14973&prefix=Star Wars Battlefront 2 Game&appname=Star Wars Battlefront 2 Game

http://www.striker5field.info/?vn=1.1.5.55&campid=15334&prefix=4shared&ti1=Mjc0IzU0MTQjNjQ5IzM2MzB8MjEyMjU2fEFFfDN8MXx8&appname=4shared

http://www.striker5field.info/?vn=1.1.5.55&campid=14714&prefix=Re Loader 1.4 RC 5 2.zip&appname=Re Loader 1.4 RC 5 2.zip

http://www.striker5field.info/?vn=1.1.5.55&campid=4837&prefix=File&ti1=MzM5MHwxMzk3ODV8MjA5fDExNTIzMHwxNDUwMTE0OTM1fDlmYTg4YmIwLWQzMTQtNDIzZS1jMjMzLTE3NTVjZDg3N2E3NHwxMTAuMTY4LjIzMC43M3w5Y2M3Zjg1ZDQxOTNjOTBmZjFjMjAwZTJkNmQ3ZjM0Mw==&appname=File

http://www.striker5field.info/?vn=1.1.5.55&campid=3423&prefix=Mortal Kombat 4 Game&appname=Mortal Kombat 4 Game

http://www.striker5field.info/?vn=1.1.5.55&campid=16874&prefix=Garrys Mod Non Steam&appname=Garrys Mod Non Steam

Remove garrys mod non steam__16874_il160273.exe.gz - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.