new hack pool live tour 2016.ct.exe

Hack

The executable new hack pool live tour 2016.ct.exe has been detected as malware by 22 anti-virus scanners. The file has been seen being downloaded from download1484.mediafire.com.

Product:
Hack

Version:
1.0.0.0

MD5:
43686f140b7bf7f928633e2684a63fe7

SHA-1:
114721532e79e20b675fce08dc107d71f161c532

SHA-256:
4d4075d10c3ecf11454e6b95a66c6d6ca7768214fa895db0b123a7087556b013

Scanner detections:
22 / 68

Status:
Malware

Analysis date:
12/25/2024 4:07:45 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Razy.6339 | 186 |
| Avira AntiVirus | TR/Downloader.A.29459 | 8.3.2.4 |
| Arcabit | Trojan.Razy.D18C3 | 1.0.0.653 |
| avast! | Win32:Malware-gen | 2014.9-160801 |
| Bitdefender | Gen:Variant.Razy.6339 | 1.0.20.1070 |
| Emsisoft Anti-Malware | Gen:Variant.Razy.6339 | 8.16.08.01.07 |
| ESET NOD32 | MSIL/TrojanDownloader.Agent.JB (variant) | 10.12990 |
| Fortinet FortiGate | MSIL/Agent.WW!tr.dldr | 8/1/2016 |
| F-Secure | Gen:Variant.Razy.6339 | 11.2016-01-08_2 |
| G Data | Gen:Variant.Razy.6339 | 16.8.25 |
| IKARUS anti.virus | Trojan-Downloader.MSIL.Agent | t3scan.2.0.6.0 |
| K7 AntiVirus | Trojan-Downloader | 13.213.18666 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.-184 |
| McAfee | Artemis!43686F140B7B | 5600.6320 |
| Microsoft Security Essentials | Trojan:Win32/Dynamer!ac | 1.1.12400.0 |
| MicroWorld eScan | Gen:Variant.Razy.6339 | 17.0.0.642 |
| Panda Antivirus | Trj/CI.A | 16.08.01.07 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1120 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16730 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R00XC0DB216 | 10.465.01 |
| VIPRE Antivirus | Trojan.Win32.Generic | 47038 |

File size:
18.5 KB (18,944 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
Hack.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\new hack pool live tour 2016.ct.exe

File PE Metadata
Compilation timestamp:
1/27/2016 12:58:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:0fstaBm5+/2d4SuLf45CQfj48a2wbGxlNkY:dtaveySqFZY

Entry address:
0x54CE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
5.2255

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
13.5 KB (13,824 bytes)

The file new hack pool live tour 2016.ct.exe has been seen being distributed by the following URL.
