» mafia2.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (2)
Downloads (2)

mafia2.exe

Mafia II

2K Czech

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from s5894.chomikuj.pl and multiple other hosts.

File name:

mafia2.exe

Publisher:

2K Czech

Product:

Mafia II

Description:

Mafia II Application

Version:

1. 0. 0. 1

MD5:

ef68b7e15e7ee3cb94bd99621fdfb662

SHA-1:

4f9cde146e9cd02117996013b33424dcc9a628fd

SHA-256:

c944325d83a3cd7f8b3e0bf909fac1dbfe91248598146fc23400a95f1031a485

Scanner detections:

10 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

12/27/2024 2:24:48 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Suspicious

7.1.1

AVG

Cryptic

2015.0.3599

Bkav FE

W32.HfsAutoB

1.3.0.4613

Comodo Security

UnclassifiedMalware

17511

Fortinet FortiGate

W32/CodePack.CX!tr

1/9/2014

IKARUS anti.virus

Trojan.Crypt

t3scan.2.2.29

McAfee

Artemis!EF68B7E15E7E

5600.7255

Norman

Suspicious_Gen4.CBNIV

11.20140109

Rising Antivirus

PE:Trojan.Win32.Generic.15813AE1!360790753

23.00.65.14107

VIPRE Antivirus

Trojan.Win32.Generic

24834

File size:

24.7 MB (25,920,000 bytes)

Product version:

1. 0. 0. 1

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\2k games\mafia ii\pc\mafia2.exe

File PE Metadata

Compilation timestamp:

7/8/2010 5:44:21 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

CTPH (ssdeep):

393216:3EjRdJUEuOPEjWYBDW5RcYSdKHQnWlvkKT79BpsFsPyhCnLn9VS1RM017aO6UsM6:SRdFuhWU4RcYTQ+BTCQyh6L9VS1RMctA

Entry address:

0x18A7D17

Entry point:

E9, 18, 00, 00, 00, 4E, 6F, 6F, 62, 79, 50, 72, 6F, 74, 65, 63, 74, 20, 53, 45, 20, 31, 2E, 33, 2E, 39, 2E, 30, 00, 7D, F3, 0E, B1, 1A, D0, 0E, 79, 83, EC, 04, 83, C4, 04, E8, 5A, 0B, 00, 00, 60, 9C, E8, 00, 00, 00, 00, 5F, 81, EF, 0B, 00, 00, 00, B9, 1C, 00, 00, 00, B0, 9D, F3, AA, 90, 61, D8, 4E, 70, 40, 14, 4A, B2, AA, 6A, 5E, 40, 3A, 3A, F8, 18, 9C, 4A, D6, 04, A4, 14, 3A, 34, 8A, 68, 83, C4, 04, E8, 49, 00, 00, 00, E9, D5, 00, 00, 00, 60, 9C, E8, 00, 00, 00, 00, 5F, 81, EF, 49, 00, 00, 00, B9, 5A, 00... 
[+]

Packer / compiler:

Xtreme-Protector v1.05

Scheduled Task

Task name:

{CCDC3DC0-8101-44A0-803F-E2929396AEC0}

Trigger:

Registration (Runs on registration)

The file mafia2.exe has been discovered within the following programs.

Mafia II DLC Joe's Adventures by 2K Games

Publisher's description - “Play as Joe in this new add-on content. In this extension to the original story of Mafia II, Joe uncovers who had Vito sent to prison and what really went down with the Clemente family.”

www.2kgames.com

6% remove it

Mafia II Music Manager by Gottfried & ThielHater

About 7% of users remove it

The file mafia2.exe has been seen being distributed by the following 2 URLs.

http://s5894.chomikuj.pl/File.aspx?e=2LkhbVtS3WP8G74zaC_4sobCdbr3PTnTrS9VZiqDzXOxfQ0BS_sJe3G98DmoJv3BDykm3ToOQpFRtG5bc9kxufM5-JvTEXKywPkrq0N550WDK_CsyrtKVtSkMtXn420ZMdmQt0lWt3_E93kNMeNDwQ&pv=2

http://s5894.chomikuj.pl/File.aspx?e=2LkhbVtS3WP8G74zaC_4sqazg_hV0tNxyV8uBGKtFQmFu40pgBzgOt93Ux2tw4vQb0apTBxHUjH1LQOpDEcDfGZ-J67CD8HV-eHSpbvVWXCprd3MILv4I3gYRlR8mwDQ-6Tl5TTGF6OIAuwOMQ7WHQ&pv=2

Scan mafia2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.