portable_cs1.6.exe

The application portable_cs1.6.exe has been detected as a potentially unwanted program by 8 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from docs.google.com and multiple other hosts.

MD5: 300072e208756288b4d1fc51197635f0
SHA-1: 30adcb5652c229cc3fcba71ffb07af4a241f84b3
SHA-256: fe3ebbdaba19c44bd448e3484d6e603a3830077b93ad355161c1a7f0218253fd
Scanner detections: 8 / 68
Status: Potentially unwanted
Analysis date: 12/25/2024 5:49:41 PM UTC

Scan engine        Detection               Engine version
Avira AntiVirus    PCK/UPACK               7.11.109.96
avast!             Win32:PUP-gen [PUP]     2014.9-131224
F-Prot             W32/Heuristic-210       v6.4.7.1.166
K7 AntiVirus       Trojan                  13.173.9980
Panda Antivirus    Generic Trojan          13.12.24.05
Sophos             Mal/EncPk-BW            4.94
Vba32 AntiVirus    Trojan.Genome.xq        3.12.24.3
VIPRE Antivirus    Trojan.Win32.Generic    22702

File size: 64.7 MB (67,826,994 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\windows\portable_cs1.6.exe

File PE Metadata

Compilation timestamp: 12/3/2006 10:53:00 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 5.0
CTPH (ssdeep): 1572864:IcSKN+YCKaRUsKQ5Pzf3j2t5VNFQyuwpBRijXzAlUj/JBE9Mmz:IctNQWh+Pzf3Kt5V8qpBRkxBk
Entry address: 0x1000
Entry point:
E8, 8F, 28, 00, 00, 50, E8, CB, 29, 01, 00, 00, 00, 00, 00, 90, 55, 8B, EC, 53, 56, 57, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, D3, FF, 75, 14, 68, E5, 40, 41, 00, 6A, 00, 6A, 00, 8B, C6, 8B, CF, E8, 0A, 44, 00, 00, 81, EB, 10, 01, 00, 00, 74, 05, 4B, 74, 14, EB, 57, FF, 75, 14, 6A, 66, 56, E8, 22, 2C, 01, 00, B8, 01, 00, 00, 00, EB, 47, 66, 81, E7, FF, FF, 66, FF, CF, 74, 07, 66, FF, CF, 74, 23, EB, 30, 68, 80, 00, 00, 00, 68, E0, 50, 41, 00, 6A, 65, 56, E8, 68, 2B, 01, 00, 6A, 01, 56, E8, 42, 2B, 01, 00...
 

Code size: 76 KB (77,824 bytes)

The file portable_cs1.6.exe has been seen being distributed by the following 41 URLs.

