» grand_theft_auto_v.exe
Overview
Analysis
File Details
Downloads (4)

grand_theft_auto_v.exe

WindowsApplication1

The executable grand_theft_auto_v.exe has been detected as malware by 13 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from cluster011.ovh.net and multiple other hosts.

File name:

Publisher:

Microsoft* (Invalid match)

Product:

WindowsApplication1

Version:

1.0.0.0

MD5:

d5ec4240f65853d7f187762a529da838

SHA-1:

8596448b337cb906ea34856c91182f90b7dc3552

SHA-256:

a576d0c49a4e8443e5ae11fb422d642fb716c4ad0edcfa79c73767bad2e1d1c0

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

11/30/2024 11:12:36 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.419722

887

avast!

Win32:Malware-gen

2014.9-140901

Bitdefender

Gen:Variant.Kazy.419722

1.0.20.1220

Emsisoft Anti-Malware

Gen:Variant.Kazy.419722

8.14.09.01.11

F-Secure

Gen:Variant.Kazy.419722

11.2014-01-09_2

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.7.5.0

K7 AntiVirus

Riskware

13.183.13054

McAfee

Artemis!D5EC4240F658

5600.7021

MicroWorld eScan

Gen:Variant.Kazy.419722

15.0.0.732

Qihoo 360 Security

Win32/Trojan.396

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.171AF8AA!387643562

23.00.65.14830

Trend Micro House Call

TROJ_GEN.R0CBH09GU14

7.2.244

VIPRE Antivirus

Trojan.Win32.Generic

32238

File size:

5 MB (5,195,264 bytes)

Product version:

1.0.0.0

Original file name:

Grand Theft Auto V.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\grand_theft_auto_v.exe

File PE Metadata

Compilation timestamp:

7/18/2014 8:33:37 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

98304:sWmDnnEK+CVyNIlfXMuI8yMHhVqhvldJE6SWc92YT9wiaQYBr0eOwW6B3e:s5nHyNIlfMl8p2tE6Lc9B9wRQ5eOG3e

Entry address:

0x4F1A3E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.9465

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

4.9 MB (5,176,320 bytes)

The file grand_theft_auto_v.exe has been seen being distributed by the following 4 URLs.

http://cluster011.ovh.net/~pobierzntf/.../Grand_Theft_Auto_V.exe

http://cluster007.ovh.net/~jeuxfrqqus/.../Grand_Theft_Auto_V.exe

Remove grand_theft_auto_v.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.