Grand Theft Auto V v1.0 Plus 16 Trainer.exe

The executable Grand Theft Auto V v1.0 Plus 16 Trainer.exe, “FLiNG@3DMGAME Presents - Grand Theft Auto V v1.0 Plus 16 Trainer” has been detected as malware by 2 anti-virus scanners. The file has been seen being downloaded from cfile25.uf.tistory.com and multiple other hosts.
Publisher:
3DMGAME

Product:
Grand Theft Auto V v1.0 Plus 16 Trainer

Description:
FLiNG@3DMGAME Presents - Grand Theft Auto V v1.0 Plus 16 Trainer

Version:
1.0.0.0

MD5:
89bbd9746270ed7bacacf61e85b585dc

SHA-1:
d3b99d51665d2c343249a15754ed389e4b24ff23

SHA-256:
b924835bf7ef0f3e92c7c7f0c76471789e479dd3a46f7876261b6511c462701d

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
11/24/2024 12:06:09 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win64:Malware-gen | 150319-1 |
| ESET NOD32 | Win64/GameHack.F potentially unsafe application | 7.0.302.0 |

File size:
895 KB (916,480 bytes)

Product version:
1.0.299.1

Copyright:
风灵月影 (FLiNG@3DMGAME) Copyright (C) 2015

Original file name:
Grand Theft Auto V v1.0 Plus 16 Trainer.exe

File type:
Executable application (Win64 EXE)

File PE Metadata
Compilation timestamp:
4/16/2015 4:45:45 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:zSqwjpabiNzaaYT01c908hOFj5+Pf/cxrNnO2mHQTtWdmOPRL5DSyt:zSqwjpag+01c9ZAFNg0xZOXwxWtDS

Entry address:
0x3AE98

Entry point:
48, 83, EC, 28, E8, FB, B9, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 49, 83, F8, 08, 72, 53, 0F, B6, D2, 49, B9, 01, 01, 01, 01, 01, 01, 01, 01, 49, 0F, AF, D1, 49, 83, F8, 40, 72, 1E, 48, F7, D9, 83, E1, 07, 74, 06, 4C, 2B, C1, 48, 89, 10, 48, 03, C8, 4D, 8B, C8, 49, 83, E0, 3F, 49, C1, E9, 06, 75, 39, 4D, 8B, C8, 49, 83, E0, 07, 49, C1, E9, 03, 74, 11, 66, 66, 66, 90, 90, 48, 89, 11, 48, 83, C1, 08, 49...
 

Entropy:
7.2555

Code size:
325 KB (332,800 bytes)

The file Grand Theft Auto V v1.0 Plus 16 Trainer.exe has been seen being distributed by the following 2 URLs.
