grand_theft_auto_v_by_xatab-4454-torrent.exe

InstallShield

INTIS

The application grand_theft_auto_v_by_xatab-4454-torrent.exe by INTIS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the InstallShield Setup installer. The file has been seen being downloaded from s33h.storage.yandex.net.
Publisher:
Macrovision Corporation  (signed by INTIS)

Product:
InstallShield

Version:
12.0.49974

MD5:
b0124f26cd86c36471a76e9d56793d64

SHA-1:
3a30b564e5010cb8906b45f22f63402d14364e57

SHA-256:
8c861a21593bea0289c61aeed8fa321fd6356d0717e3a83c0664e091e0cc01b6

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 11:05:43 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.FileTour (M)

Engine version:
17.3.15.13

File size:
2.6 MB (2,720,712 bytes)

Product version:
12.0

Copyright:
Copyright (C) 2006 Macrovision Corporation

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Installer:
InstallShield Setup

Common path:
C:\users\{user}\downloads\grand_theft_auto_v_by_xatab-4454-torrent.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/16/2016 3:00:00 AM

Valid to:
4/17/2017 2:59:59 AM

Subject:
CN=INTIS, O=INTIS, STREET="Prospekt 40-letija Pobedy, 69, 1, 8", L=Rostov-Na-Donu, S=RU, PostalCode=344072, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E0D42565A341BEBE1BAFBF6CA79F6420

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x75CBB7

Entry point:
8B, F6, 75, 03, 74, 01, 70, 54, 6A, 40, 68, 00, 90, 00, 00, 68, 00, B0, B5, 00, B8, 5A, 00, B5, 00, 40, 68, D8, CB, B5, 00, FF, 20, 0F, 84, 22, E4, FF, FF, 0F, 85, 1C, E4, FF, FF, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, FC, 33, D2, 64, 8B, 52, 30...
Code size:
2.5 MB (2,608,128 bytes)

The file grand_theft_auto_v_by_xatab-4454-torrent.exe has been seen being distributed by the following URL.

https://s33h.storage.yandex.net/rdisk/048ca9238476a48e6c703457d57f330044b7c6b58cb690a2105c1a59f254f6de/578627e1/GWSGeT_mZEOv4VVx61K3_mRb1NsN6g5TJbY1VcU-fPL7srvahGW938dEKCpHeTmM-QmBYvSL9FrEgwv_zxuyTw==?uid=358720970&filename=Grand_Theft_Auto_V_by_xatab-4454-torrent.exe&disposition=attachment&hash=&limit=0&content_type=application/x-msdownload&fsize=2720712&hid=757459a2b471a1958403603be00e7114&media_type=executable&tknv=v2&etag=b0124f26cd86c36471a76e9d56793d64&rtoken=vrja5j3OwIln&force_default=yes&ycrid=na-e6f28b1d9d21046a39feee34f7f5f174-downloader5h&ts=53782ce00fa40&s=bbba553de5539c5f5bdec3d11fe6104c14c34b5b2790d7f966c649c0a0e8dd11&bp=/18/.../data-0.19:13590748660:2720712
