home

iw6sp64_ship.exe

Call of Duty: Ghosts

Activision

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from s6206.chomikuj.pl and multiple other hosts.
Publisher:
Activision

Product:
Call of Duty: Ghosts

Version:
1.0.0.1

MD5:
fe295d413f3a5656185f0dbf8a6bc1f1

SHA-1:
44581edebe6af901f283d7dd41dddb830617e537

SHA-256:
cc1ff6c9b6bfdb8a2ada22c1ee2e2a98b5f0494fee1e75946648fa3c8e0645a5

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
1/15/2025 8:00:38 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1201
7.2.6

File size:
10.1 MB (10,597,888 bytes)

Product version:
3.0

Copyright:
Copyright (C) 2013

Original file name:
iw6sp64_ship.exe

File type:
Executable application (Win64 EXE)

File PE Metadata
Compilation timestamp:
11/4/2013 2:19:17 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
196608:2GUSUdDGakoXsvZ5ut51+BvVP23r5wIW:2d/dDGakSb1+BdP23WI

Entry address:
0x627924

Entry point:
48, 83, EC, 28, E8, 97, 52, 01, 00, 48, 83, C4, 28, E9, 02, 00, 00, 00, CC, CC, 48, 89, 5C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 30, E8, 2C, 6B, 00, 00, 0F, B7, F0, B9, 02, 00, 00, 00, E8, 23, 52, 01, 00, B8, 4D, 5A, 00, 00, 48, 8D, 3D, 9B, 86, 9D, FF, 66, 39, 05, 94, 86, 9D, FF, 74, 04, 33, DB, EB, 31, 48, 63, 05, C3, 86, 9D, FF, 48, 03, C7, 81, 38, 50, 45, 00, 00, 75, EA, B9, 0B, 02, 00, 00, 66, 39, 48, 18, 75, DF, 33, DB, 83, B8, 84, 00, 00, 00, 0E, 76, 09, 39, 98, F8, 00, 00, 00, 0F, 95, C3, 89...
 
[+]

Code size:
7 MB (7,297,536 bytes)

Scheduled Task
Task name:
{66497506-415C-4C69-A1F6-407F80E00F09}

Trigger:
Registration (Runs on registration)


The file iw6sp64_ship.exe has been discovered within the following programs.

Call of Duty Ghosts  by Black Box
This is a repack of the original version of the game which may violate the games copyright policy.
www.ggamez.net
About 7% of users remove it
Call of Duty: Black Ops  by Activision
Call of Duty: Black Ops is a first-person shooter video game developed by Treyarch, published by Activision. Black Ops is a first-person shooter, retaining the same gameplay mechanics as previous Call of Duty titles.
www.activision.com/atvihub/home.do
1% remove it
Call of Duty: Ghosts  by Infinity Ward - Sledgehammer Games
Call of Duty: Ghosts is a first-person shooter video game developed by Infinity Ward.
www.callofduty.com
About 3% of users remove it
Call of Duty: Ghosts - Multiplayer  by Infinity Ward - Sledgehammer Games
The multiplayer in Call of Duty: Ghosts, a first-person shooter video game.
About 5% of users remove it
 
Powered by Should I Remove It?

The file iw6sp64_ship.exe has been seen being distributed by the following 5 URLs.

http://s6206.chomikuj.pl/File.aspx?e=VEIUBSRiPXJRwXj36_kB5gRrxCOZ10SQ_b8cU3cPTCkBR-E28uG-4zFgTRTvp8DkXRj7JEsbUW111NRx0xw9A7w3JdNCf6dMELFW3DydwSHqAlmRnUalsf7VjbiQcjO4-5W9Pm50VQ7-7q0JeuOq0w&pv=2

about:internet

http://download1817.mediafire.com/dylqad702lmg/.../iw6sp64_ship.exe

http://s6206.chomikuj.pl/File.aspx?e=VEIUBSRiPXJRwXj36_kB5gRrxCOZ10SQ_b8cU3cPTClEVUr4qvij1xlssKZ8qHK43m1446qcit0C8ANbpaZw2W-xeRgaZ_SPMTHc5toRUhD-it3OvjsyKjDUV35XcmfKlDRMV-mHyf7DBXvdJXXAeQ&pv=2

http://s6206.chomikuj.pl/File.aspx?e=VEIUBSRiPXJRwXj36_kB5gRrxCOZ10SQ_b8cU3cPTCnltNaQFVcdZTsPdJS-AMteJUEpXrXlLKbuYfAxicQHN0rc4hlbYMojWC9rT5YAdaNOvV1H-vxNxI-ik5RSISQr8oJ0HGEGLN0-6VLRKwilBQ&pv=2

Scan iw6sp64_ship.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.