home

growtopia gem generator.exe

GrowtopiaGemGenerator

FreeGameHackers

The executable growtopia gem generator.exe, “Growtopia Gen 1.0” has been detected as malware by 9 anti-virus scanners. The file has been seen being downloaded from download1371.mediafire.com and multiple other hosts.
Publisher:
FreeGameHackers

Product:
GrowtopiaGemGenerator

Description:
Growtopia Gen 1.0

Version:
1.0.0.0

MD5:
0c3c624b3dc96a9fbe89e3593d813c7e

SHA-1:
8f764307b4959f545b0e0ef2227367cd8a169ed7

SHA-256:
b1d5260ba7e711a616a2469bdf899b5e3d76602ca553da8fe5c342dcfa90f814

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
11/23/2024 3:23:23 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
PSW.OnlineGames4
2016.0.2919

Baidu Antivirus
Trojan.MSIL.OnLineGames
4.0.3.151121

Comodo Security
UnclassifiedMalware
23495

ESET NOD32
MSIL/PSW.OnLineGames.MB
9.12484

Fortinet FortiGate
MSIL/Onlinegames.MB!tr.pws
11/21/2015

IKARUS anti.virus
Trojan.MSIL.PSW
t3scan.1.9.5.0

McAfee
Artemis!0C3C624B3DC9
5600.6575

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F]
23.00.65.151119

VIPRE Antivirus
Trojan.Win32.Generic
44896

File size:
179 KB (183,296 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
Growtopia.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\growtopia gem generator.exe

File PE Metadata
Compilation timestamp:
11/1/2013 4:17:08 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:XmLig6UxXgIv5BaSZ9THknsswMe99999Po3RmUSa3c34QNIZsswMe99999Po3Rms:XWFqmGokssw/oBZPmsw/oBoU

Entry address:
0x2553E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.3055

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
141.5 KB (144,896 bytes)

The file growtopia gem generator.exe has been seen being distributed by the following 5 URLs.

http://download1371.mediafire.com/ttxrov7fdexg/.../Growtopia Gem Generator.exe

http://download1505.mediafire.com/5se4pmw6s9jg/.../Growtopia Gem Generator.exe

http://download1157.mediafire.com/3g2m0q4jy0tg/.../Growtopia Gem Generator.exe

http://download1157.mediafire.com/amcrmlawiskg/.../Growtopia Gem Generator.exe

http://download1157.mediafire.com/2ojhjf8r2fkg/.../Growtopia Gem Generator.exe

Remove growtopia gem generator.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.