home

skidrow.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s10373.chomikuj.pl and multiple other hosts.
MD5:
5c7efdacedbf2475902375d412091e88

SHA-1:
bceec85169b2d30d15affc15b41926113c3bd1e3

SHA-256:
00961809b521045e85da10166510ce7d54f67bb175d77b4d12d8de443148c07b

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/27/2024 8:45:49 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
W32.W.Sobig
2.1.4+

Trend Micro House Call
PAK_Generic.001
7.2.36

Trend Micro
PAK_Generic.001
10.465.05

File size:
41 KB (41,984 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\2k games\mafia ii\pc\skidrow.exe

File PE Metadata
Compilation timestamp:
9/5/2009 4:13:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:cyuDidsWHtkwFP2AjKxDulObKGdJ5Iawd+mGOYuZRA2vYJhAoi9XqL4Fwr0+2UwY:cy25WHtrJjcDuEb36XDGOYu7VYJc9nHX

Entry address:
0x3EB90

Entry point:
60, BE, 00, 50, 43, 00, 8D, BE, 00, C0, FC, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB...
 
[+]

Entropy:
7.8234

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
40 KB (40,960 bytes)

The file skidrow.exe has been discovered within the following programs.

Borderlands  by 2K Games
Borderlands is an action role-playing first-person shooter video game, that was developed by Gearbox Software. Borderlands includes character-building elements found in role-playing games, leading Gearbox to call the game a "role-playing shooter".
www.borderlandsthegame.com
5% remove it
Mafia II  by SACC - TDL
Publisher's description - “Mafia II is a third-person, sandbox shooter that provides a look into the dark and unforgiving world of the Mob.”
www.SACC2020.com
7% remove it
Mafia II DLC Jimmy's Vendetta  by 2K Games
Publisher's description - “Jimmy's Vendetta will take players into an alternate perspective of the mob through the eyes of Jimmy, a mercenary. Jimmy is the guy the other guys call when they need to finish the job.”
www.2kgames.com
1% remove it
Mafia II DLC Joe's Adventures  by 2K Games
Publisher's description - “Play as Joe in this new add-on content. In this extension to the original story of Mafia II, Joe uncovers who had Vito sent to prison and what really went down with the Clemente family.”
6% remove it
Need for Speed™ Undercover  by Electronic Arts
Need for Speed: Undercover is the 12th installment of the popular racing video game series Need for Speed, developed by EA Black Box and published by Electronic Arts (EA). Undercover features a new open world map.
www.ea.com
3% remove it
Pro Evolution Soccer 2014  by Konami
Publisher's description - “Pro Evolution Soccer 2014 title will mark a new beginning for the popular series, with an all-new engine allowing for the most comprehensive advance for the Pro Evolution Soccer series since its inception.”
www.konami.com
7% remove it
 
Powered by Should I Remove It?

The file skidrow.exe has been seen being distributed by the following 5 URLs.

http://s10373.chomikuj.pl/File.aspx?e=0KvYW0Sxolp_WMdW-KFsFwvyjP69_DrjfMJZkLWqHUte7ewEauBqIZYzmlGrSNfyZriErs6Cfwy8D7JxKh5bl9VviTiTTYv8lmhy7RGDQZFLJ6sLHh8jvE8vFkMpovdWTeqXGwzQ6QwV25b_ZzwTgQ&pv=2

temp:SKIDROW.exe

http://s10373.chomikuj.pl/File.aspx?e=0KvYW0Sxolp_WMdW-KFsF8JXNOI1Mqy_bQJxqq3RgBugHsIKSwyM-CLBe7tK3J7LUN8qZi12PdpEDV5YNZJubThSoY-GSBZLvxaXAwEdtAeOFzZZEON5XVCtItUs3bimmNEYX_xLz3VB65nYDDEywA&pv=2

http://s10373.chomikuj.pl/File.aspx?e=0KvYW0Sxolp_WMdW-KFsF6mGrOzbfcbclhadabHkEQ019nUGRhynZg_Gf4KOE2u-65Qxo1qSkWfPtKKUrFrVILnBsVw-IYsyWTkDWMgAWSxjzBp95sQCUGWG04o4-a7yPOMkNcGY5okqofsJXWF6Vw&pv=2

about:internet

Scan skidrow.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.