Halo Reach Generator.exe

The executable Halo Reach Generator.exe has been detected as malware by 26 anti-virus scanners. The file has been seen being downloaded from dc174.2shared.com.
Version:
0.0.0.0

MD5:
69d26c7f1abc609c5a45fe92fea4b0d4

SHA-1:
7ab2f6cbacd967aa72360af76e666e3c6cbf56ec

SHA-256:
bc94e2b60c1d629a2db12f9df0fa7d7d44877b5428162d332a8547bcfb8c7b0b

Scanner detections:
26 / 68

Status:
Malware

Analysis date:
11/23/2024 12:15:08 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AhnLab V3 Security | Win32/Rebhip.worm.811008 | 2011.08.15 |
| Avira AntiVirus | TR/Dropper.Gen | 7.11.13.48 |
| avast! | MSIL:Crypt-BK [Drp] | 2014.9-160525 |
| AVG | Dropper.Agent.10.A | 2017.0.2732 |
| Bitdefender | Worm.Generic.272688 | 1.0.20.730 |
| Comodo Security | UnclassifiedMalware | 9756 |
| Dr.Web | Trojan.MulDrop2.31712 | 9.0.1.0146 |
| Emsisoft Anti-Malware | Worm.Win32.Rebhip!IK | 8.16.05.25.10 |
| ESET NOD32 | MSIL/TrojanDropper.Agent.CD (variant) | 10.6380 |
| F-Secure | Worm.Generic.272688 | 11.2016-25-05_4 |
| G Data | Worm.Generic.272688 | 16.5.22 |
| IKARUS anti.virus | Worm.Win32.Rebhip | t3scan.1.1.107.0 |
| K7 AntiVirus | Trojan | 13.105017 |
| Kaspersky | Trojan-Dropper.Win32.Agent | 14.0.0.155 |
| McAfee | Generic Dropper!djd | 5600.6388 |
| Microsoft Security Essentials | Worm:Win32/Rebhip.A | 1.163.1557.0 |
| Norman | W32/Suspicious_Gen2.DKXCW | 11.20160525 |
| nProtect | Trojan-Dropper/W32.Agent.811008.X | 11.08.15.01 |
| Panda Antivirus | Trj/CI.A | 16.05.25.10 |
| Quick Heal | TrojanDropper.Agent.cxcd | 5.16.11.00 |
| Rising Antivirus | Trojan.Win32.Generic.128C7E14 | 23.00.65.16523 |
| Sophos | Mal/MSIL-BJ | 4.68 |
| Trend Micro House Call | TROJ_GEN.R47C2IH | 7.2.146 |
| Trend Micro | TROJ_GEN.R47C2IH | 10.465.25 |
| Vba32 AntiVirus | TrojanDropper.Agent.cxcd | 3.12.16.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 10172 |

File size:
792 KB (811,008 bytes)

Product version:
0.0.0.0

Original file name:
Halo Reach Generator.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\halo reach generator.exe

File PE Metadata
Compilation timestamp:
8/31/2010 6:23:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:JvDFEt/OMHp6+fumFrHQFraCsyTfp/yUcHdBGMn7qWrbpyLYYVAP4PhMkI/b7hWK:+rBBYWp92FxY

Entry address:
0xC47CE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
3.9726

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
780 KB (798,720 bytes)

The file Halo Reach Generator.exe has been seen being distributed by the following URL.
