left4dead.exe

MD5:
f77d3aaa2bdac363f518f599a7ba47b3

SHA-1:
1de80b50e608abf68df8195f4cc1a2169eccb809

SHA-256:
e486eb339a1a6f06a9c9b4cf186b14db4692cb61603e8832e949c0efc33fd2ff

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 9:46:03 AM UTC

Scan engine              Detection              Engine version
Bkav FE                  W32.HfsAutoC           1.3.0.4959
Trend Micro House Call   PAK_Generic.001        7.2.143
Trend Micro              PAK_Generic.001        10.465.23
VIPRE Antivirus          Trojan.Win32.Generic   29230

File size:
86.5 KB (88,606 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
11/11/2008 10:22:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:pDh8SdlubslXhKHepe/5Nykt+HtycRl07teA:pFtRzcgHtXl0D

Entry address:
0x1A000

Entry point:
60, E8, 00, 00, 00, 00, 58, 83, E8, 3D, 50, 8D, B8, 00, 00, 00, FF, 57, 8D, B0, E8, 00, 00, 00, 68, B0, 18, 40, 00, C3...

Entropy:
5.8930

Packer / compiler:
RLPack FullEdition V1.1X * Sign.By.fly

Code size:
44 KB (45,056 bytes)

The file left4dead.exe has been discovered within the following program.

Assassin's Creed II  by Ubisoft
Assassin's Creed II is a historical action-adventure open world stealth video game developed by Ubisoft Montreal and published by Ubisoft.
www.ubi.com
1% remove it

The file left4dead.exe has been seen being distributed by the following 2 URLs.

temp:left4dead.exe

The executing file has been seen to make the following network communications in live environments.

