» r.g._mechanics_grand_theft_auto_v-torrent.exe
Overview
Analysis
File Details
Downloads (1)

r.g._mechanics_grand_theft_auto_v-torrent.exe

Artem Pavlov

The executable r.g._mechanics_grand_theft_auto_v-torrent.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from leto29d.storage.yandex.net.

File name:

Publisher:

Artem Pavlov (signed and verified)

MD5:

7a822646d54d52fd3e1adc90556523a0

SHA-1:

3af565ade0328710686c36ad8c1ed14384a4ca41

SHA-256:

ff0f7f236926da3dfab1940a624734b2687357584ed6f5f0968718b52f60e5ae

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/24/2024 3:05:11 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation.IMP

17.2.23.3

File size:

1.2 MB (1,247,952 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\r.g._mechanics_grand_theft_auto_v-torrent.exe

Digital Signature

Signed by:

Artem Pavlov

Authority:

thawte, Inc.

Valid from:

4/27/2015 6:00:00 AM

Valid to:

4/27/2016 5:59:59 AM

Subject:

CN=Artem Pavlov, OU=Individual Developer, O=No Organization Affiliation, L=Kiev, S=Kiev, C=UA

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

1209A99F1D019CE4742AE045D24C83FF

File PE Metadata

Compilation timestamp:

6/20/1992 4:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0xA8D6C

Entry point:

55, 8B, EC, 83, C4, F0, B8, 54, 88, 4A, 00, E8, DC, DC, F5, FF, A1, 58, D0, 4A, 00, 8B, 00, E8, 94, 02, FB, FF, A1, 58, D0, 4A, 00, 8B, 00, 33, D2, E8, AA, FE, FA, FF, 8B, 0D, 30, CE, 4A, 00, A1, 58, D0, 4A, 00, 8B, 00, 8B, 15, 30, 1D, 4A, 00, E8, 86, 02, FB, FF, 8B, 0D, B8, D0, 4A, 00, A1, 58, D0, 4A, 00, 8B, 00, 8B, 15, 38, 1A, 4A, 00, E8, 6E, 02, FB, FF, A1, 58, D0, 4A, 00, 8B, 00, E8, E2, 02, FB, FF, E8, A5, B6, F5, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

671.5 KB (687,616 bytes)

The file r.g._mechanics_grand_theft_auto_v-torrent.exe has been seen being distributed by the following URL.

https://leto29d.storage.yandex.net/rdisk/5017e4dcad670409269b1b45606491ef1f76f19db4a20095508f90a3c083e0b5/563b2988/.../x-msdownload&fsize=1247952&hid=5d6ad729b27fb91ed5e225951db355ea&media_type=executable&tknv=v2&etag=7a822646d54d52fd3e1adc90556523a0&rtoken=876553fcd08c3e4d9acc94b407c85688&force_default=yes&ycrid=na-70a5b35fdf7d716f1bf4f225582be001-downloader2d

Remove r.g._mechanics_grand_theft_auto_v-torrent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.