gtavicecitymod_setup.exe

The application gtavicecitymod_setup.exe has been detected as a potentially unwanted program by 6 anti-malware scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from games.softpedia.com and multiple other hosts.
MD5:
d7ac3fea4e9063d5e5650cde0407a9ab

SHA-1:
d9d82c36866cd465a4db89b5b6939e8956ba4097

SHA-256:
e7c5e7f38339740c0e25f93d2f686d2de1b36119df5a4429655911081f34891f

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 10:06:55 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/Agent.310784.2
7.11.180.122

Kaspersky
not-a-virus:AdWare.MSIL.Agent
14.0.0.3018

Microsoft Security Essentials
TrojanDropper:MSIL/Livate.B
1.11104

NANO AntiVirus
Trojan.Win32.Jorik.vqett
0.28.2.62841

Qihoo 360 Security
HEUR/Malware.QVM03.Gen
1.0.0.1015

Vba32 AntiVirus
AdWare.MSIL.Agent
3.12.26.3

File size:
166.7 MB (174,780,416 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\gtavicecitymod_setup.exe

File PE Metadata
Compilation timestamp:
3/23/2012 4:00:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3145728:c4curXfSxijKIs9NtDucno3ya5DFqR3c+wGVruKE0vPLIAbHpFyhkLrLwq:trMIKNtyio3zPtGVuKRPLTJZLrx

Entry address:
0xA6AF22E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9985

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
166.7 MB (174,773,248 bytes)

The file gtavicecitymod_setup.exe has been seen being distributed by the following 18 URLs.

http://games.softpedia.com/dyn-postdownload.php/cdae510d9486e85f37753a48f3cbab01/580a5596/82f8/.../1?tsf=0

http://games.softpedia.com/dyn-postdownload.php/0e401b1c796abaeff300fcdd0e44519e/586d1761/82f8/.../1?tsf=0

http://www.majorgeeks.com/index.php?ct=files&action=download&

http://download2us.softpedia.com/dl/8cb1dd72f1dcd41ae3126434cd07bd93/566418a9/200033528/games/.../ultimatevicecity2.exe

http://games.softpedia.com/dyn-postdownload.php/b76501d370544f22b97a6164627fe5aa/58653277/82f8/.../1?tsf=0

http://games.softpedia.com/dyn-postdownload.php/572c0d80cf8b7abc6014a90e084d5bf4/5844399f/82f8/.../1?tsf=0

http://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=fq4d4vvov5hspbhuhrjdd3b3g6

http://www.majorgeeks.com/index.php?ct=files&action=download&PHPSESSID=u1b533vqucq3q0m2u2q54bmtf7

https://d4c2us8g123wy.cloudfront.net/.../Grand-Theft-Auto:-Vice-City-Ultimate-Vice-City-Mod10.exe

http://download790.mediafire.com/66lllbaj6ejg/.../ultimatevicecity2-pcfavour.exe

http://games.softpedia.com/dyn-postdownload.php/4d623fe27ff0ae0f6d3f21fae67a6ea9/57a10e1a/82f8/.../1?tsf=0

http://www.mediafire.com/download/.../ultimatevicecity2-pcfavour.exe

Remove gtavicecitymod_setup.exe - Powered by Reason Core Security