» gtprotector.5361597
Overview
Analysis
File Details
Programs (2)
Downloads (5642)

gtprotector.5361597

File name:

gtprotector.5361597

MD5:

05fd86912d656714537a37f0b686bcc4

SHA-1:

42fdb1c1f11d63d48576eb1ea3c6cfb26db0df8e

SHA-256:

f48d8f78a8c788b9aa3379e7cacfd170017654b842a9d18c5977c1533a565c93

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/17/2024 7:38:34 AM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

AdWare.W32.Agent

2.1.4+

File size:

132 KB (135,168 bytes)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\inetcache\content.ie5\0gee1mkl\gtprotector.5361597

File PE Metadata

Compilation timestamp:

10/20/2014 1:16:23 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:T+8utjJrG5NMS9DngyncInxgHUMi1abbM6ZEAqhrz1hh2w7lZIo2A3unwB4RvQWE:THwjRDS9r7SUmbM+8h5lIo2iTgvunAq

Entry address:

0x755A

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, D2, 64, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, FF, 35, E0, 12, 02, 10, FF, 15, 24, 90, 01, 10, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 67, 65, 00, 00, 6A, 01, 6A, 00, E8, 58, 2A, 00, 00, 83, C4, 0C, E9, 1A, 2A, 00, 00, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 90, 93, 01, 10, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40... 
[+]

Entropy:

6.4655

Code size:

95 KB (97,280 bytes)

The file gtprotector.5361597 has been discovered within the following programs.

CSGO WaRzOnE Launcher by Warzone

cswarzone.com

About 6% of users remove it

StarGame: Counter-Strike StarGame Rus mod 2009 by StarGame

About 6% of users remove it

The file gtprotector.5361597 has been seen being distributed by the following 50 URLs.

http://update.cleancs.com/GTProtector.dll?0,6685297

http://update.cleancs.com/GTProtector.dll?0,9315912

http://update.cleancs.com/GTProtector.dll?0,9338495

http://update.cleancs.com/GTProtector.dll?0.787533

http://update.cleancs.com/GTProtector.dll?0,6923181

http://update.cleancs.com/GTProtector.dll?4,848659E-03

http://update.cleancs.com/GTProtector.dll?.1652948

http://update.cleancs.com/GTProtector.dll?0,6935541

http://update.cleancs.com/GTProtector.dll?0,1892664

http://power-boost.ro/.../GTProtector.dll?.301948

http://update.cleancs.com/GTProtector.dll?0,9971735

http://update.cleancs.com/GTProtector.dll?0.3321497

http://update.cleancs.com/GTProtector.dll?0,3375818

http://update.cleancs.com/GTProtector.dll?7.778567E-02

http://update.cleancs.com/GTProtector.dll?.721966

http://update.cleancs.com/GTProtector.dll?0,1784174

http://update.cleancs.com/GTProtector.dll?0.8185083

http://update.cleancs.com/GTProtector.dll?0,2329523

http://update.cleancs.com/GTProtector.dll?0.5153467

http://update.cleancs.com/GTProtector.dll?3.487796E-02

http://update.cleancs.com/GTProtector.dll?1.374453E-02

http://update.cleancs.com/GTProtector.dll?0.2531855

http://update.cleancs.com/GTProtector.dll?0,3175165

http://update.cleancs.com/GTProtector.dll?0,7179682

http://update.cleancs.com/GTProtector.dll?0,4794123

http://update.cleancs.com/GTProtector.dll?0.3698847

http://update.cleancs.com/GTProtector.dll?0,1220819

http://update.cleancs.com/GTProtector.dll?0,3478968

http://update.cleancs.com/GTProtector.dll?5,634707E-02

http://update.cleancs.com/GTProtector.dll?0,4954492

Latest 30 of 5,642 download URLs

Scan gtprotector.5361597 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.