home

gmod_9_0_4.exe

The executable gmod_9_0_4.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. This file is typically installed with the program Fusion Pack CS Source by Fusion NET. The file has been seen being downloaded from www.bulksharetown.com and multiple other hosts.
MD5:
d97df1a1f5af14e33d1558e78306b09b

SHA-1:
4cd63119b2d1cbb28b5c27f89fbf191587a3b554

SHA-256:
af4e403df22c7d70e3b1b2e9ed7ef5a9763d5070c9daaa66f7c5e85fbba2fe08

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/25/2024 11:42:47 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
(M)
16.6.5.15

File size:
26.7 MB (27,947,802 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\gmod_9_0_4.exe

File PE Metadata
Compilation timestamp:
10/4/2005 4:26:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:6Dj1Y0gzUaEKApA+N3RtvlJQL/YU4Am6B0a1188:6DxFgzUaEKMNhnJWgeMa11r

Entry address:
0x3131

Entry point:
83, EC, 20, 53, 55, 56, 33, F6, 57, 89, 74, 24, 18, BD, 38, 92, 40, 00, 89, 74, 24, 14, C6, 44, 24, 10, 20, FF, 15, 30, 70, 40, 00, 56, FF, 15, 80, 72, 40, 00, 68, 28, 92, 40, 00, 68, 20, 3B, 42, 00, A3, D0, 43, 42, 00, E8, C4, 27, 00, 00, BB, 00, B4, 42, 00, BF, 00, 04, 00, 00, 53, 57, FF, 15, B4, 70, 40, 00, E8, 79, FF, FF, FF, 85, C0, 75, 24, 68, FB, 03, 00, 00, 53, FF, 15, 58, 71, 40, 00, 68, 20, 92, 40, 00, 53, E8, 9E, 27, 00, 00, E8, 59, FF, FF, FF, 85, C0, 0F, 84, 46, 01, 00, 00, BE, 00, A0, 42, 00...
 
[+]

Code size:
22.5 KB (23,040 bytes)

The file gmod_9_0_4.exe has been discovered within the following program.

Fusion Pack CS Source  by Fusion NET
Publisher's description - “Fusion Pack: Source is the first fully featured replacement pack to be released by Games Fusion and incorporates many new additions to Counter-Strike: Source, including weapon models, player models, sound effects and interface graphics.”
www.games-fusion.net/products
About 2% of users remove it
 
Powered by Should I Remove It?

The file gmod_9_0_4.exe has been seen being distributed by the following 50 URLs.

http://www.bulksharetown.com/srpu4IBlMlxr3YiIgwp8YiiSvZQQzlvHCyMj_8_AuXMFh1zxy nMoLm_dRqUigIsWdG2cq8aaNVSd t2mEgsxRg8qv2BkRSAn4Ij7aivPKtsYmcoc8nlz5dPy lJivvW2m6wIHRQntwf4yHYdg5ZJ72Jt_MZSaYhlS3HTywdNH07IPuAXD369kJCibNbHfgvbjQX_KwwuKhAS2RSFMnlMNCEXQM9iw==-GyAAAEQnh_YFSUaXvlO71oMUMolCcuNAb5xjoun4shwWG3oB

http://www.capitalvaultsbits.com/WuPfoHyNNIyTAIObOXHW3WRrNrtL2GhTsB4Wti4ocFUK ajojbRYn9eNjQ4dYDT8HvM3z ioWl9Q X7uMQL9pl_2wOiWORFg1s44E8fo3zQX6HIhA9k6OCqP0Z21Fr7Zn6CX 36Zl 6XO_S1c3qrJeqdXbr7SSWx1M9z_bqXPthAu0ZXorKQTSlQXqr0l GWRJRWtnC1vF6zuo5j7ATZ4yyEgbK8sw==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://i.download.idg.pl/fannef/f2273173efdd5882c0fa38196819056d/589f67ca//zx/cyberjoy/mody/.../gmod_9_0_4.exe

http://www.capitalvaultsbits.com/KGcypG9yPXUs070FW5gjO8GC_nkBzGn3wTt6Ej582B 6FLVSmYQBvrfCiBVpQUQUbn8xCsAnqGSZjG9Lgb26 eIoeBUP6kLl7H4ddLRKcLQWXgah6i36Es_Gq3sE 7wPOn6lOeSORlfl VmuujZ7bksV7gKenD7fRbnRyvHlus67yVFYAd5YTWSL2fSvtP2OXO3woF6C-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://www.capitalvaultsbits.com/AlwbWfXycrPaXVcBq2oSkMRAMunzYKtPZtaJhqSLo9xFIV_WeelOvEUdEV FGzCpxXkqvo8dOTdv08NCTdA4i3RxvvASt7c5LHVn6HUp2JNQqxRQctJoY2qv MqvOoQ0TovokDqM7sZDKgak7mbd8mV5UI48OmTDe1Ls7Nmnne3rNtL911v1JpesVXf9T59417g NcX GDIxNg9JCWt3ZQZYX8ZyGA==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://www.capitalvaultsbits.com/a7JggyKReYJjHw5dJ_CM82YHUkksUJeSUPzckCamWzlVxHwGSYDyjChKdvv355o9KXf4KEdBTi9EEH_jYNppNP8YTvfl2pkGqm9vrwR9RVKoQRovtqhPOpavvrAe8Rinqw eG A8kFHYQBV2Ihqzw04M9tFEMxf1yolqyR5ozs2QuRwK5JzbFmkGYR22s0ruPoScWs I-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://www.quickbitsdownloads.com/Z87lf2aSIubYG1NpeoET5G94LK7dp22qRQWEjlRTh93FbsGVDh2LwOBkAKlQnkGl3i_VJRTqFhgFLh_B38wqeomMFFcUtBifGf8cFFD8uaHQQEC3UdGOqLgzkjflpejCAghBEVmWLUNOL7yjCUFCxsaWmyscrjR3UpfQMwioyL2t9yAz22ICnYpVQFe9HFBx3lm4lb87j0lZcEeVG6iqCEPCFc6c4A==-G0AAAMQuFxOvSUHIH5zC2W5zjAOn6en8fMCJhh2wc8NgwhpnsljcPPdazt4FVS 6VJgj_G3w3FZ Ag==

http://www.bulksharetown.com/XzmL PvpzG6L5GiZeSrJhRNBySVo5UIAwspr9cmC6BctFR OA3g5vP_JivGnCfWOuL6GuCAoqRE0XY0Fy2MRJPRh mvTIKrcNZnNgYvFk1Q5vGwjpuPJMP010mXkZmigauFycO_TskBeRWAfgVmpDZd1pydntT RZb Vj1NTzD_GKmsUyM5PSHRdTnx gYOKjW1wCmTeHAMwHZtkUWp9XM5A_no5dw==-GyAAAEQnh_YFSUaXvlO71oMUMolCcuNAb5xjoun4shwWG3oB

http://www.capitalvaultsbits.com/w3wtUn5KNOzXqEHdPjv k3KnF6qJ g4xOuR0r_SALZ9KsbDNhxlZYVCaF68yzdKaucRD3SPegyjWmanblIb4eN7xx5z9aNpaZlt3wbVI0s28iX or w1MTTJGWuidIofpAtIGfFzX8zMaHVySjT2haGfBK_j39A5TkkB0bp59KT0qAVufxkPwi9A 5DLQga4GBxATqZeXGyCXGUhz9HP_dNvV6Em_Q==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://i.download.idg.pl/fannef/cc66eaf387fdcf3a3fdb8073060dbcf9/587a3aa5//zx/cyberjoy/mody/.../gmod_9_0_4.exe

http://everydownload.net/installing-6t/us/garrys-mod/windows/.../?post_id=8957&sid=13080948

http://www.giftvaultbinaries.com/gvbhYH0a5ZvAqJUeObawTfSBYubvKTHtrlh7o7qWA8D0zbcKOAdifipynt7s4LqvNUcVn5lgt2iKRpiUkYzzBopw2bku7HdN3l T9RTBxTBR8ewXO a9CD6_nAsCdVTUZlj4amvg1J7EqPwaOxPZIV8N8gBW8MdfMLOO7LmuSe9KLju26cW__HbxjVvPziMl7xMoODoyMg3zwLuRi4dU7LXwqBL 9KmYNoKy0dFkHWf57a7e6S63F8Mur65arfXRYnAkm2hQoqwG3zr_950ggxRx6CFoJ1zfK5AD QwzBypElxcPcsVg2PU5d9USYb2xkH 2YFlg7xeZPZQdyTQ7S0RYR5yBrwPzOsE9eRX9Fj9Il2qzWkNQdo_hQ1x2TKoQuG6gVbtsPOhmTrH5 zeMBwogpeZDFt3GDSWOsdKGnnIX46jyeNqQkqzaty0PAOMisHazj7Yw5WlO2KQ2i6LHbEpJrX_2 w==-GzwAAORtm0 pXuMEQWcIijXCUIKCiRyw1wKWC761DjxVYyQvcqWAueIQqH_FW7FfUQvUbYyN3H8M41QggzwB

http://www.capitalvaultsbits.com/7qNPjlRvV4mV2YaGbpzS5xGIgtdib7glqyjiWtS_YMwcJSwDWwUgGg80CQbQR36s72fI5Q0kZqDmpam5aJaLlcl hmLke7a1TqAbivc5Nda18Jr3hi6T3eEnyFbFR40V1yT16d3v6bdHs22AZOOHirp6phr ZmFqLTEFL96lNBfBdRrwC97PYvPHfn2kniXPdqc7CFcG7pQ9asI5JWi5gEXBzqaRcA==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://www.bulksharetown.com/aW MejW9shiiJYK9eGlMlJU4v5DBLHS3gfPM4vIJDEgKDD8qGqdE6oaWTXOWDrTR1pykWjjnGiF6rbq9mgoKFFpy6Mc1SeGofFpklBslfZvbfyXk4Nl9yd9ynuCNgqZZ64bA0 GTRNnf5FvZgNBRyMU7QvCELkUQdy3ZIXNclwdxfslKIqS3548M9UmAjbRkF2ZgOHQiHa9Z97iUiVa22lsEnTv8jw==-GyAAAEQnh_YFSUaXvlO71oMUMolCcuNAb5xjoun4shwWG3oB

http://www.filesdeliverybits.com/KLu1SWyT4FIMQ6381KBSgWBAAwJvBRZOegJpxXcOsWAWjSDMR3IqHdHo5EgS0lpQNPW9mH4oDHbfDFk9mf2XZzIPbwWyd8cYB6SDmfKtXBkD9DlsxocoUSAvlbgmRf3FvHXvKfcGCeiEYRNafWyWgtLIqg2kXfVnTCgH5Q8BOErZA6DyuIEntVhDFX0FzETte6W3EXy0fhKMrn9VNqwOUupO0DCmTw==-GyAAAEQnh_YFSUaXvlO71oMUMolCcuNAb5xjoun4shwWG3oB

http://www.binariespresentranch.com/P95iteb8PqgPgX4yLbbcftIigZ0uNTUUtVvFEab6SmbIirTSgherBDWrHztHOfpr71yDDFECHZFBag1PmtKYHRtOf105qT78APLzuyFJT5TU_hcxXXvZeQravnFWj68nBAYajTgelb6BM3qoZRxwAONnwweI6eZ7qKdksBmqPmCNUV8KNYs7h7 x0PBgHsX6hhQWH9AxW0IFHxl2Vf rEaK8Dm_w_g==-GyAAAEQnh_YFSUaXvlO71oMUMolCcuNAb5xjoun4shwWG3oB

http://www.capitalvaultsbits.com/KPExIn4eCPbHuXCtW0Hpi7f327Q4IsIb3HAkX1ZdrGJkWX1DfImRqaOoH0HmoBFXYAK_1VxCeNCf e99ttduobgsA59AkoMu13v37kbGI6N8nAwkKgSnLpqaXHhmsuM Zb MTEBkeBDWCpJRvrDvUStgq 4I3G HNowDQPNp73EDxXZ0ob9KoRlOjeCa70q0zoN5lgof_CzwgRhCSPUA6XXNoLrRUQ==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://lb.cdn.m6web.fr/d/c/a/27eb89effff98b9f6a8800eebd2b085e/565b6ce5/mods/2007/10/.../half_life_2_gmod_9_0_4.exe

http://www.giftvaultbinaries.com/Wy4cQC shLpA Eg6I8l1VAK6EKjlKEzdc8LtCO_6etVr6iNw4 sja2ADEs5JMqpfyqyHgmCBIFW XcvyqB5eRoArythRIYqNtGly6Ycm1xLiMvSMrQ5hXXfUqL2bP2tXlkysPd9vYX0zsvCeA5FkpQhhw0fd6iKzPhtgsWY3IxmZK7dxlaN_JaszSODjN4lUghWgiw9UDO PX1JcIH92lsoSHIf2O5A_oBwWoSQLnpxdtMADCu9s9ezpVXVL1W1EA2kPDVNOYdnPPajULPkyvNgSZio3V0jAFgNf8TYHBa7mJfp9hBL6B3SAabit8yKJZeZI24pq47n7iMFmHsX540wjVkH1iR0Y gs3StiNjcWsxgChNyFnFmcNi07PpVxSACAZWFv 5_0yqZn4vPG5CNW_UiJ4QNZp3wLgKztcwalCYn2gieWa4SRiPNnap8GUjepPIvFCfQeks3cDwmKNTg2eL9KZA==-GzwAAORtm0 pXuMEQWcIijXCUIKCiRyw1wKWC761DjxVYyQvcqWAueIQqH_FW7FfUQvUbYyN3H8M41QggzwB

http://www.bulksharetown.com/tvjGUG2Uex92MwR0xb5CQExGsd9kkiVAxvDTs73U22bIPtW2VzoNZCHS_e0 BlDlf43F_rIWCI8im ArtS0Vm0A8NxYEvXnrwlpgyAxn_f0HjRNGbG3gSAUhaffkmiLSzNqw4oqtqLrVtKjNwFKPF3k13POtSGEl8oYuduWrgPHrynFTF_UihFBsboCBPKiUjBiglQLQXwizZ0dO9WlI1MsLrV5XdQ==-GyAAAEQnh_YFSUaXvlO71oMUMolCcuNAb5xjoun4shwWG3oB

http://www.capitalvaultsbits.com/Aswzvb9BqBZiIJZieNatWju1hkVTBfCCbsH60TFJ70KMNejP2q1dItvLJ6pX4h_lx7z2vs8HRPmRA_oXN78nXjhfMNyWnVi6RCm0AFe0b6v7i5r04Gv3OssTR327zgEhHZTTSQ2oS1WoBTLhXDE06KRjRZUpEL5SvYtQE_5OErC_sqAt0jwS3ZmQAyf g2goRwmyMGTGxEWWzTMz0eTeE iI7RfQJA==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://i.download.idg.pl/fannef/0398a6c6dc8710852c30b12c91243985/588b609b//zx/cyberjoy/mody/.../gmod_9_0_4.exe

http://everydownload.net/installing-7c/us/garrys-mod/windows/.../?post_id=8957&sid=13707121

http://www.capitalvaultsbits.com/aBnJOq1Rty0g4ajKo _GuMdu7aYSZ0iIeEZruyOS7vVjlywS01xawhqVPdIuLg_RBzLZMxMh1RueQqayzFMg t9s1ue_mQuV7BjVYszYS4K0ffsyXOh6XHTwhPbRYHtXVbj40RwOjuAKZXcZwPL0fFfNJH6JNfjsTjPQOGrD6qFBz_ shDlgFulKx6LtI0rFa6hITFABbolOy8z0P7QY4pyZEU6jrA==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://i.download.idg.pl/fannef/44d8a8049b35060204886ea407f8ded5/5803be25//zx/cyberjoy/mody/.../gmod_9_0_4.exe

http://i.download.idg.pl/fannef/f150f0d2bf82a08e11a9e6547d865513/56599178//zx/cyberjoy/mody/.../gmod_9_0_4.exe

http://www.capitalvaultsbits.com/AYJr9zsCJvxcoqBb5ltj3ziWknKOOpXXx50IRscYXGsgIBhTAyU7L7vawacNymEqNw7KilNfUu_U4PH30JXBo9ZBbW_SDuPYLSOcxZiciqzvwp80vZHpZwQnrjhNl8ivSJ_N4DiSU900 DWcIzEI6i5lAbWBRS6 owBwx0NeBQWA dSmAC3QjbouDGAyHOwzn0KAWVcCZ_OrtlFv_qj71LCEyAheKA==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

http://www.moddb.com/downloads/mirror/9760/.../885cdceedb6a6123dd44e9df3113b90d

http://www.moddb.com/downloads/mirror/9760/114/1a8111acf7e658a093fa81e0ee4a29c7/?referer=http://www.moddb.com/mods/.../downloads?filter=t&category=2

http://www.capitalvaultsbits.com/lPK1l95G RDXmkDvKRh7egZwocMztGaGtmwfSERyhQmuRiJHl3t5Bs JJgj9uvDd0IwUoyb5LAYXnNiksVCh_ekaF7oGEiYVKwUk34dDSyueo7ohdiMjaQQwMDEdAQanK4Nfv4CYijeQM7P7iTj5Kgzcrr2GX0yREhvAVGDXRB0Jb2qmeySXgyWrTfNB5gI6Rbvcjbk0UgeeRdL0vrs6l2ULDFYSJg==-GygAAMRtbD4dzWlQjVCYyAF7WwkczN8Y54G8MfKD3YLME fdMS4b

Latest 30 of 833 download URLs

Remove gmod_9_0_4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.