home

steam guthaben hack!.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download938.mediafire.com and multiple other hosts.
MD5:
d5fe1edb42236db11c04d6893e9e40cb

SHA-1:
c23438c38a12591c55a2cdb09fbb4a3359b59964

SHA-256:
d868ca72b34f11789714ed08c1d948eb14afaf9542ba984e07f0a7656161d86b

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/5/2024 10:39:02 AM UTC  (today)

Scan engine
Detection
Engine version

Fortinet FortiGate
W32/Generic.AC.338F46!tr
7/28/2016

IKARUS anti.virus
Trojan.Graftor
t3scan.2.1.6.0

McAfee
Artemis!D5FE1EDB4223
5600.6325

Vba32 AntiVirus
Worm.Bybz
3.12.26.4

File size:
1.5 MB (1,523,200 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\steam guthaben hack!.exe

File PE Metadata
Compilation timestamp:
3/23/2016 1:52:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.50

CTPH (ssdeep):
768:QEglsiqo+SA9leSoflogfaImz4YvXpSDYEnb+z7bsqLsJubMNqn3j+dDfpCu6xsX:Ba1lniImMIMKlTMM3j+1fx6xs5xjwrOJ

Entry address:
0x1000

Entry point:
68, 10, 01, 00, 00, 68, 00, 00, 00, 00, 68, 40, 24, 41, 00, E8, 5C, 40, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 55, 40, 00, 00, A3, 44, 24, 41, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 42, 40, 00, 00, A3, 40, 24, 41, 00, E8, BC, 3F, 00, 00, E8, 57, D4, 00, 00, E8, 3E, D2, 00, 00, E8, 40, B7, 00, 00, E8, 6B, B2, 00, 00, E8, 13, AC, 00, 00, E8, 97, A8, 00, 00, E8, 99, A6, 00, 00, E8, 76, A6, 00, 00, E8, E8, A5, 00, 00, E8, 4B, 9D, 00, 00, E8, 75, 8D, 00, 00, E8, 81, 7F, 00, 00...
 
[+]

Packer / compiler:
PKLITE32, 0x1.1

Code size:
53.5 KB (54,784 bytes)

The file steam guthaben hack!.exe has been seen being distributed by the following 4 URLs.

http://download938.mediafire.com/y2aj6rkp5cpg/.../STEAM GUTHABEN HACK!.exe

http://download1631.mediafire.com/t4gpb4d7rgjg/.../STEAM GUTHABEN HACK!.exe

http://download938.mediafire.com/7bx4hzcr1q2g/.../STEAM GUTHABEN HACK!.exe

http://download938.mediafire.com/wb1w3gdbp05g/.../STEAM GUTHABEN HACK!.exe

Scan steam guthaben hack!.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.