home

Gunz.exe

Gunz

MAIET entertainment

This is a setup program which is used to install the application. The file has been seen being downloaded from nationalgunz.com.
Publisher:
MAIET entertainment

Product:
Gunz

Version:
1,0,0,290

MD5:
255b418d0a3d2f5f25478bfc1af71c0f

SHA-1:
3d8c84ea9478d027b5e8a5f2c6833950d405c0ee

SHA-256:
4a65f91ba962a9bb77f55dd0d80ed4d227da53d5df256f7fccef46eb4ff5f50b

Scanner detections:
7 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/15/2024 2:41:13 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.2646686
391

Arcabit
Trojan.Generic.D28629E
1.0.0.425

Bitdefender
Trojan.GenericKD.2646686
1.0.20.50

Bkav FE
W32.HfsAutoB
1.3.0.7062

Emsisoft Anti-Malware
Trojan.GenericKD.2646686
8.16.01.10.06

G Data
Trojan.GenericKD.2646686
16.1.25

MicroWorld eScan
Trojan.GenericKD.2646686
17.0.0.30

File size:
5.8 MB (6,066,176 bytes)

Product version:
1,0,0,290

Copyright:
Copyright (c) - 2003 MAIET entertainment

Original file name:
Gunz.exe

File type:
Executable application (Win32 EXE)

Language:
Korean

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\gunz.exe

File PE Metadata
Compilation timestamp:
8/14/2015 11:31:38 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:J5YzDEaVBZ+7LzoLPjtWvgP9sfIswv/74FvgMrgTQbOPxtbc8e0mBYF:3YPb3ZgLMLPxfP9sfIsw3mvxgTLPnDMc

Entry address:
0x29A7000

Entry point:
68, 8C, 35, 00, 00, 89, 3C, 24, 89, 14, 24, 89, 34, 24, 68, 27, 01, 00, 00, 89, 04, 24, 68, 49, 51, 00, 00, 89, 1C, 24, E8, 01, 00, 00, 00, CC, 8B, 04, 24, 51, 89, E1, 81, C1, 04, 00, 00, 00, 52, BA, 04, 00, 00, 00, 01, D1, 5A, 87, 0C, 24, 5C, 68, B6, 53, 00, 00, 89, 34, 24, 89, C6, 56, 5B, 5E, 68, 08, 0F, 00, 00, 89, 2C, 24, BD, FF, FF, FF, FF, 29, E8, 5D, 51, B9, 37, 19, 8B, 6E, C1, E1, 06, 53, BB, 7B, 34, 26, 59, 29, D9, 5B, 81, F1, 45, 09, 9B, 49, 2D, DB, 1F, E8, 66, 29, C8, 05, DB, 1F, E8, 66, 59, 2D...
 
[+]

Code size:
3.9 MB (4,076,544 bytes)

The file Gunz.exe has been seen being distributed by the following URL.

http://nationalgunz.com/.../Gunz.exe

Scan Gunz.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.