» grand theft auto iii.exe
Overview
Analysis
File Details
Downloads (10)

grand theft auto iii.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from s6464.chomikuj.pl and multiple other hosts.

File name:

MD5:

96ac31d64595bcc80a95dd7145957d86

SHA-1:

7ae2bdb6adc93d29df12f197cc157cb013b91ccf

SHA-256:

1fc29dc3a968161057174f5776064eab9717a710780e6975d9247a7244a57e99

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/15/2024 4:47:26 PM UTC (today)

File size:

558.6 MB (585,692,141 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\grand theft auto iii.exe

File PE Metadata

Compilation timestamp:

12/5/2009 11:50:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12582912:RFYR5lhgdqWwOl8Ifzt3O366wfB4CIz1B7HDiRN7XQ9:LYR5swOxpA9DBbW/XQ9

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file grand theft auto iii.exe has been seen being distributed by the following 10 URLs.

http://s6464.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iBtIHoFsJgt2fajLVByTA9GRvK7jLhcRpAXD4XI4vxPKeZkSi__xLkzDV8cVYg4ZKvxW47gsXTEIfJRcbVz0sQyOfHE5utfrwG3r8ekpLSSzUgUJF87iZNja6WG7kO6ddce59w6AHcL095yVuUqpJeF0mkuBi8TlUdYZy9ELbJp-GbI9r9jFWqRKsC0cjenEaw6Y6qsbkLm33j1hPcVNfLq1zbwM2ZJj6IiuYcRXa_C4uGJMDlZv6dfvi7Di9H9mZqbxtrZ3SYmSL_5xDX8uuUwH_3wcXHuQyzL2U_8yWm-aH2Ap9mNgyiv-iGbre1fOn5-CcwswDjPYj6qjIDL_4SF68KWnvvKQtdw0tFgdeKgdJfjoL9fnxC2NOyUfQ79fxw&pv=2

http://s8319.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iBtIHoFsJgt2fajLVByTA9GZKjLnjCCqywMlIRMKvag707szLeFLSZnwLsuTboFEDwJo9wVCd2YcGPzRzhq1zcJClD8DQXK30R2C3M01-yiF-8WBS4-QJlz9MNTjJy_okRSHO1FuC7DcXJ2ewruVkdRjCq0lykUIRUIijcK1gAtZ6Q-ou66axRQLkUDrQ8dfftoNLi85xdSZ03sDm3K8LnVD5ohP7cGEuoXJs-sk0uy4glUc7eCliyiLP93TjZAO5Sy7D7XnFeGJNBzAM95l0s6-HANPC9JZ8h_cxPgaUmjanO5joc6JTrurKcvtjNHf051eSki_xXpfSqhziNU8Zeoy9pckppAxUiSlwPRJxHvgogfwxnCVav2AsjjU5q24_A&pv=2

http://s6117.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iBtIHoFsJgt2fajLVByTA9Hr15TdqiRvdrVheSEhd-ZSqs9OTJEbS9TqslP6WuRWlDYucphLehbwT8AFAz2etnQxxr9BJ8Ihr6rWplPmSbLG6EW1plYNszriv_Y-OpW4kqKphRS5eRm9uJqz5HUzr_uoMou_sjcUsdX2fTjRq7Oy5xLNzIqkOne0F5Jotg3SlCekhQVMgbBJ7MbeQcDcZHOPqw1MmmBE3GaA-OzYGJuydaOTLiDXNld3wclyKVXpE2oE_aIXpXW9gBs6yDyq1HyhBTmXwUciOUiD9mI4EYye3C02g3FcemMoM59ZFMMS27p_RAGOx_LTa4Z4f2jllQdIKFXPDdzFr5cx1gHWDzMeBw9kBrrbI0bYZWW-lPw0Fg&pv=2

http://s7922.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iBtIHoFsJgt2fajLVByTA9F5LLBMEwx0ZwX8pqGzxDJ_tM4zRWRsjT3MiyAlfx9RBEJl2CbIkT3df3h1YBVje-9Rdg7mNXN8G812VrXMbojeRPp3e9og46hSYQw75lr8HMjYj9xysSS8hRYRac6pa5A&pv=2

http://s6372.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iHh6IO4tnYZKOK4ACrRiJ6k2f1o02n0gWNemTb-Vni4DqiGTpUI9BqDqSqxju-Y2LLU2n2eRieRFPpSipeHqGGf5rIWKmd2P4EKHMSQv9hxIEhYXx62v-hk4JlMN_tFIrBQGHoxMKThj8c_BgqFOV1y2c8ENJJPBb8gyqd8VJqeheHdXNqK2dRhwR2wOR0WYHVKbdIJ3OlGS_fdNp_gbgUnOScPADg_qrHIMH9Ac8xdU4W8f-E42X6qqi3q8gLmvAJVZScDw4bWmCj51pmgdxNK0OcdO1X2F143kV2vCT9d6tYgyY9bVTAY4JyJig1L44laLB4YZDfMQucHhgto6lAGjDjOEWtxxOmaJbEULMz1U1o6XONQaFSjrOoL0o4NX_Q&pv=2

http://s8265.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iBtIHoFsJgt2fajLVByTA9Gj309mQcBi75QxJMJa8n8gSUgJ_Ejal4UuNGIjVySKTCTSU_ja_2RdwoSZdVZiEOVapROb1IEPYatfn32PxKHFrVkLtiSXgFZKFTZ1BdQp_T6FoYziydn0htW4oi2aJzamwNP5be-LYQ0YFEwj1pzNg1yE4-X5uMM3yoS-jk39t_4Kza86DoCygO_n9yTM7SJKOF7klSHEQTZwyAu-6gv5kqLTdrRDoha-vF_8YsSbWUWTlRn2KPRlE02NkdQfp3CdrUSjQDEd2h9qrUYKr7ORlJzc5z9Y_Y1vZCDSCzOQ5e_kjhDw1uT_UTNRd5xQjoogh9gqFx-Q0gbmAEsG5aP6XJl-790EN4KDbE_HEP31gg&pv=2

http://s7922.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iBtIHoFsJgt2fajLVByTA9EkeaCa-oLS3hbdmIa-rWk5RUGA-1kEM8JKAEF-72NxYL2CoxWa01fyoFZCsimrpf0M64ZnFEHKfEiqmvty76T4eLU8gB8n7kX52XNewl4oR5s5V_K8VhdJpnMFJXFfOQT2OLHn4eAgH89JpKWXuT7bVIY8YxfR9q6ClWa5nT3NX1bzyD8go5XOY27vF5_RMJTNXTd8ouYgDH2QDXm8-SxicWBuqKpnmK3XERPe44k-5oxvuaGHDWSAzNn3j5EoOcL-gkp8QbRQcciqYHK07LR0F_jWoX-8vIVHbtSVfaKPGfYJOmSWt3xE4Oi38uacR_l0pqb0qP8sq7AYD0Axs6FlgkbOGTZKibmh-nFHgVLl5A&pv=2

http://s6536.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iHS1b55kvjsLWHZYpgOKKST3PN8a9jMasWp0SpuQfrEQwzmy2x2WSqxLMEtzPpE1KRtppQ4qONMuCLdyCkCpiqn0WLowSGWjKXJI2qU0_cdNgXodXOIGDgjupkKMvTTK76qVLCp0PM8ESm3ptvOzKepqcZ9TW4Zzi1LKs3psJLBGeEm8v1LASIrrTaoCf2SErNSLjcdcBBN0jt8QHRAc1wlvfiUDzucszEyYgvL2JEb4CLh5CCvIFRJVsvHpY30HYYW-JihjFdXzuqcc8N-qicor5boYlnIOOPSTfuyM8-fnLD_rIDvoVcS9qjFCyI7THAMrWuGWCfcP02gPLS-oOkkiq7ecSKVNRv0vVtsnAPLTcoU028TK658xO5a5eueM3A&pv=2

http://s7922.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iBtIHoFsJgt2fajLVByTA9E_W4F0klrEexqXQEoju3SN0DyC8aT7Jx3CsT73hviRq9PS49WRUDemNX8wR34CK-H8pJ5jFNB5xBNztu7l98JOqGGg8ncilSCwYMG3oZscWerabj9lCd-zXT6VcDoMQcNvGFwHk9XMgaytlvYdOXMQLjzL59kDBS9lFocJY5UJBrqzL2VDNASOtbOS6s78App1t4oWE67nFyPhSxo6pOd3490V2aOmaRIGg4uIXPQepjWifnS4tPMwsI-kg5htL31jeEnyQih0nJ751HHEeI3JJFJuQOMK8VPh3w2snRR_ssSmRaiehFldR3OWUksWyTI8k6gfUWPggo0TH8aN9vZinE08T_KFCG7eJka8S0QTwQ&pv=2

http://s7922.chomikuj.pl/File.aspx?e=QpexMMExanQc9mO1YlZ5iBtIHoFsJgt2fajLVByTA9HfC3aLLNSiPDA_rNiE4hrwA7KrHsUCJ2FpcGTJJEzCmGGEAvxAwTq5ZOMbNP58G1EJPHA0WsXSSmNfXPbAw-MYdrJsekIb6MnSY5Xx38MGLzDDE9nlgdsFRBxatakP8IyN3WOKLUElBKxmROTOelJhSBKR1O6plKvLNUidh4V82CAW5A8lE2LdEf5SVZjBAa88wNalsecrXPLsrMNfjjRLVlICCOTINoqunVgKD3CFRujAiloN-He3xr2LeGimizRjc4KRSCAzr1IHmeHCf70Y7wBCmKCE5CHXKouLIzxcwshPOF9HTK5Jjvq1xwhq_IJZVVJfGCWj3srJ4thvFGj2k-GMUudpC2SsIgEbiPSWkA&pv=2

Scan grand theft auto iii.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.