tekken 6.exe

MD5:
096b492f1552141686099c8613d628ae

SHA-1:
a07f4f8c9ec4c5a3d8f2dc6fa9c7103a332d687a

SHA-256:
509c39c8066d81f78565ec859d61537e491edee4617b154155d324785d1817d9

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 5:40:46 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/IRCBot-based
v6.4.7.1.166

Trend Micro House Call
Suspicious_GEN.F47V0313
7.2.181

VIPRE Antivirus
Backdoor.IRCBot
39222

File size:
648 KB (663,552 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\tekken 6\tekken 6.exe

File PE Metadata
Compilation timestamp:
2/8/2015 8:18:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:oJehL6P6Xcbg52wkG1HNvQWgQ7qSnVr7Y57uVMUdin:oJmXT5FkkHNoiqar7mGMv

Entry address:
0x1D168

Entry point:
55, 8B, EC, 6A, FF, 68, 08, BC, 42, 00, 68, A0, 01, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 50, B1, 42, 00, 33, D2, 8A, D4, 89, 15, A0, 74, 43, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 9C, 74, 43, 00, C1, E1, 08, 03, CA, 89, 0D, 98, 74, 43, 00, C1, E8, 10, A3, 94, 74, 43, 00, 6A, 01, E8, 8F, 5F, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 94, 2A, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
168 KB (172,032 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP:
Connects to multitheftauto.com  (91.121.44.90:8067)

Scan tekken 6.exe - Powered by Reason Core Security