» icy tower trainer.exe
Overview
Analysis
File Details
Downloads (1)

icy tower trainer.exe

File name:

MD5:

ab5ea39b73e9948cbd0d9693fd5a8316

SHA-1:

d819945d22b6b9b5decb0e83e0a87c7c55e7efde

SHA-256:

8d922817bc8f7e81a9ad06ddc30d2d49e539aee5a785752e9496aaf91c92f664

Scanner detections:

11 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/16/2024 12:29:58 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.460874

372

AegisLab AV Signature

Gen.Variant.Kazy!c

2.1.4+

Arcabit

Trojan.Kazy.D7084A

1.0.0.646

Bitdefender

Gen:Variant.Kazy.460874

1.0.20.145

Emsisoft Anti-Malware

Gen:Variant.Kazy.460874

8.16.01.29.03

F-Secure

Gen:Variant.Kazy.460874

11.2016-29-01_6

G Data

Gen:Variant.Kazy.460874

16.1.25

IKARUS anti.virus

Win32.SuspectCrc

t3scan.2.0.3.0

MicroWorld eScan

Gen:Variant.Kazy.460874

17.0.0.87

Qihoo 360 Security

HEUR/Malware.QVM20.Gen

1.0.0.1077

Rising Antivirus

PE:Malware.Generic/QRS!1.9E2D [F]

23.00.65.16127

File size:

326.4 KB (334,186 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

4/3/2009 8:10:09 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6144:W4vxMpUbbcONZwckS6TTL/XSEXZv+vsWo92kNAnPWW1Q8Tg/0+mQHob:W4vepBckVHL//JGvs7s4AjTgIQHa

Entry address:

0x30E0

Entry point:

6A, 00, FF, 15, 64, 50, 40, 00, 6A, 00, 68, 10, 31, 40, 00, 6A, 00, 6A, 65, 50, A3, 04, 64, 40, 00, FF, 15, B4, 50, 40, 00, 50, FF, 15, 48, 50, 40, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 83, E4, F8, 8B, 45, 0C, 83, EC, 34, 53, 56, 57, 3D, 38, 01, 00, 00, 0F, 87, 93, 04, 00, 00, 0F, 84, 40, 04, 00, 00, 3D, 11, 01, 00, 00, 0F, 87, 1C, 04, 00, 00, 0F, 84, 67, 01, 00, 00, 83, E8, 02, 0F, 84, 11, 01, 00, 00, 2D, 0E, 01, 00, 00, 0F, 85, F0, 04, 00, 00, 8B, 75, 08, 68, C0, 51, 40, 00, 56, 89, 35... 
[+]

Entropy:

7.1185

Packer / compiler:

FASM v1.3x

Code size:

13 KB (13,312 bytes)

The file icy tower trainer.exe has been seen being distributed by the following URL.

http://s10063.chomikuj.pl/File.aspx?e=o5PMnHa2qQXzML_jrpH_3rIkyEWsmgKzvSy6UIKcLe35Jm949UOJoRNW90PzFYHD2ew8309iycZRuKooTQvXkDh1BeSvRQVFyKXSITQnY_mHQJw4xMb9ge0XaDvK92sdEAGcBQA_ke7TsZ36Yv61SgTM3hdYZuSyxoWNa2cUeyA&pv=2

Scan icy tower trainer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.