home

gta_sa.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download1500.mediafire.com and multiple other hosts.
MD5:
9effcaf66b59b9f8fb8dff920b3f6e63

SHA-1:
f861043aad97aab5a7fe6823eaf32deb0f7a7be1

SHA-256:
18b473d40332b4643cb1acd3596ac62cd08a470ff584647b67ae323f5ba2a4cf

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/2/2024 5:23:24 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAutoB
1.3.0.4924

File size:
8.3 MB (8,708,096 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\rockstar games\grand theft auto san andreas\gta_sa.exe

File PE Metadata
Compilation timestamp:
8/5/2005 1:34:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
196608:WsWg6HrO0ruYckeNP7HHyfSkmmvyL3sKV9TTtWWAM/1HAiMsve33xm:WHkYaNPjyZ+3TR4M/dAjsvCU

Entry address:
0xDD7330

Entry point:
68, BA, 2E, 00, 00, 7D, 11, 81, 04, 24, DC, E6, 14, 01, 81, 04, 24, C3, 5D, 08, 00, EB, FA, 86, 81, 04, 24, 0C, 57, 1A, 01, 81, 04, 24, C3, F1, 02, 00, EB, FA, C3, B8, E1, F5, F1, FF, 8B, 84, 04, 1F, 0A, 0E, 00, A3, 60, EC, 1C, 01, E8, 09, 00, 00, 00, C1, C5, 4E, 9A, CB, 1C, 01, A7, 81, 81, 04, 24, 35, 00, 00, 00, FF, 34, 24, 81, 2C, 24, 32, 00, 00, 00, FF, 34, 24, 87, 34, 24, 8B, 36, 81, C6, 26, 3C, 00, 00, 87, 34, 24, C7, 44, 24, 04, C2, 04, 00, 23, EB, FA, A3, 10, E0, 1C, 01, B8, 1F, 82, F7, FF, 8B, 80...
 
[+]

Code size:
10.1 MB (10,563,584 bytes)

The file gta_sa.exe has been discovered within the following program.

CLEO v3.0.950  by Seemann
cleo.sannybuilder.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file gta_sa.exe has been seen being distributed by the following 7 URLs.

http://download1500.mediafire.com/i0no3tvnjgsg/.../gta_sa.exe

http://download1619.mediafire.com/y0yo02ozfzwg/.../gta_sa.exe

http://download1619.mediafire.com/sbwflngjmkkg/.../gta_sa.exe

http://download1619.mediafire.com/l4hnr2abec9g/.../gta_sa.exe

http://download2.mediafire.com/xb8322mft3ig/.../gta_sa.exe

http://download693.mediafire.com/12r399li8evg/.../gta_sa.exe

http://download1935.mediafire.com/13l1xs2aictg/.../gta_sa.exe

Scan gta_sa.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.