rival chess for windows v1.8.17.exe

GkSetup Self extractor

Gero Kuehn

The executable rival chess for windows v1.8.17.exe has been detected as malware by 8 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from s10102.chomikuj.pl.

Publisher: Gero Kuehn
Product: GkSetup Self extractor
Version: 1.01.41
MD5: f7554150dab7b262a67a07ed5ae98e96
SHA-1: 1c57e088c8deba61f71e13890bf98d5b48a3e04b
SHA-256: d6ec2ca2e2b060b74845bf4a530b04ce8fababf797c2f04147b5e97655e2d117
Scanner detections: 8 / 68
Status: Malware
Analysis date: 12/28/2024 3:41:34 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Agent.848631 | 7.11.212.246
Bkav FE | HW32.Packed | 1.3.0.6379
Comodo Security | UnclassifiedMalware | 21248
IKARUS anti.virus | Trojan-Dropper.Agent | t3scan.1.8.6.0
McAfee | Artemis!F7554150DAB7 | 5600.6440
Norman | Smalltroj.EKXO | 11.20160404
Qihoo 360 Security | Win32/Trojan.d01 | 1.0.0.1015
Zillya! Antivirus | Trojan.Agent.Win32.180490 | 2.0.0.2085

File size: 828.7 KB (848,631 bytes)
Product version: 1.01.41
Copyright: Copyright © Gero Kuehn 1997,1998
Original file name: WINSFX.EXE
File type: Executable application (Win32 EXE)
Language: German (Germany)

File PE Metadata

Compilation timestamp: 3/17/1998 12:34:34 AM
OS version: 1.11
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.18
CTPH (ssdeep): 24576:ZDq01Wy2MLAmu/harLU7LG4Bpnkgd6YIA:Bq01JfXcanUXGCnkM6I
Entry address: 0x29FE
Entry point: E9, BD, 12, 00, 00, 03, 10, 40, 00, 57, 41, 54, 43, 4F, 4D, 20, 43, 2F, 43, 2B, 2B, 33, 32, 20, 52, 75, 6E, 2D, 54, 69, 6D, 65, 20, 73, 79, 73, 74, 65, 6D, 2E, 20, 28, 63, 29, 20, 43, 6F, 70, 79, 72, 69, 67, 68, 74, 20, 62, 79, 20, 57, 41, 54, 43, 4F, 4D, 20, 49, 6E, 74, 65, 72, 6E, 61, 74, 69, 6F, 6E, 61, 6C, 20, 43, 6F, 72, 70, 2E, 20, 31, 39, 38, 38, 2D, 31, 39, 39, 35, 2E, 20, 41, 6C, 6C, 20, 72, 69, 67, 68, 74, 73, 20, 72, 65, 73, 65, 72, 76, 65, 64, 2E, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy: 7.4924
Packer / compiler: Watcom C/C++
Code size: 36.5 KB (37,376 bytes)

The file rival chess for windows v1.8.17.exe has been seen being distributed by the following URL.

Remove rival chess for windows v1.8.17.exe - Powered by Reason Core Security