» hlds buffer overload v3.exe
Overview
Analysis
File Details
Downloads (6)

hlds buffer overload v3.exe

Code by ZeaL

This is a setup program which is used to install the application. The file has been seen being downloaded from download1495.mediafire.com and multiple other hosts.

File name:

Publisher:

Code by ZeaL

Description:

HLDS Buffer Overload Exploit v3

Version:

1.0.0.0

MD5:

1e3733fa9bfc73e43f8d0949c94ad1ca

SHA-1:

465e45d825fcf458fd51dc633426edd085069187

SHA-256:

5dd4bd6f024f91fa5a1e6376046a234966339dffc89d1365eeec05ad07d7850d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 4:05:06 PM UTC (today)

File size:

1.9 MB (1,966,592 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

1/14/2015 5:33:23 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:92mXNAX6/qSbSjQtKqaWGye5dY75ciKZ:cm9i97qAhact

Entry address:

0x1A7468

Entry point:

55, 8B, EC, 83, C4, F0, B8, F4, F0, 59, 00, E8, C4, 4A, E6, FF, A1, 4C, 1A, 5B, 00, 8B, 00, E8, 78, FF, F6, FF, A1, 4C, 1A, 5B, 00, 8B, 00, B2, 01, E8, 8A, 1C, F7, FF, 8B, 0D, 0C, 1C, 5B, 00, A1, 4C, 1A, 5B, 00, 8B, 00, 8B, 15, C0, D8, 59, 00, E8, 6A, FF, F6, FF, A1, 4C, 1A, 5B, 00, 8B, 00, E8, C2, 00, F7, FF, E8, C1, 07, E6, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

1.6 MB (1,730,048 bytes)

The file hlds buffer overload v3.exe has been seen being distributed by the following 6 URLs.

http://download1495.mediafire.com/yzkz536lv3gg/.../HLDS Buffer Overload v3.exe

http://2u.girlshare.ro/download/.../HLDS Buffer Overload v3.exe

https://fs10n4.sendspace.com/dl/35c4dd8bef94a5a6c9541074d3ae2daa/5740beef183b3c1a/.../HLDS Buffer Overload v3.exe

https://fs10n1.sendspace.com/dl/5529424c2aa08b4cdf45c1183e84b043/56c362da0f798e1e/.../HLDS Buffer Overload v3.exe

https://fs10n3.sendspace.com/dl/685b28af24de270f8dff43c5bf9775ab/572de4f3406b2da5/.../HLDS Buffer Overload v3.exe

https://fs10n5.sendspace.com/dl/4fb2e9a8218b6b2de7a9f95f2bb6b68f/571c2b4355dc9a14/.../HLDS Buffer Overload v3.exe

Scan hlds buffer overload v3.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.