TeknoMW3.exe

TeknoMW3

TeknoGods

The executable TeknoMW3.exe has been detected as malware by 9 anti-virus scanners. Additionally, the file is typically installed by a number of programs including Call of Duty - Modern Warfare 3 (TeknoMW3) by X-NET and Modern Warfare 3 (TeknoMW3) by Repack ot Canek77. While running, it connects to the Internet address ip-172-26-136-19.ec2.internal on port 80 using the HTTP protocol.
Publisher:
TeknoGods

Product:
TeknoMW3

Version:
2.7.3.7

MD5:
acb1a920e2048d6c2b774e8c8170c876

SHA-1:
749a1d2c915afb260df0f6de5636abfbf88a4bd8

SHA-256:
bc21833068c0e0fbe3b5b91065a975db7acc860b91bb9ab6112f3c46be03a96d

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
11/15/2024 4:49:58 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Trojan.DownLoader | 7.1.1 |
| Dr.Web | Trojan.DownLoader11.22752 | 9.0.1.081 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.8.6.0 |
| McAfee | Artemis!2D3121036855 | 5600.6819 |
| Norman | Suspicious_Gen2.WBJRM | 11.20150322 |
| Trend Micro House Call | TROJ_GEN.R00UC0OBC15 | 7.2.81 |
| Trend Micro | TROJ_GEN.R00UC0OBC15 | 10.465.27 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38706 |
| ViRobot | Trojan.Win32.S.Agent.5409280[h] | 2014.3.20.0 |

File size:
5.2 MB (5,409,792 bytes)

Product version:
2.7.3.7

Copyright:
Copyright © 2012

Trademarks:
www.teknogods.com

Original file name:
TeknoMW3.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
12/19/2014 6:28:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:5bwpbwPeV8GTUOO8QtUkd6cuKIfcIS8cXE0qQnfPsxxJOmbw:pmLGmw3tUmzu70IS/nfCN

Entry address:
0x4C5CDE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
4.8 MB (4,996,608 bytes)

The file TeknoMW3.exe has been discovered within the following programs.

x-net.16mb.com
About 6% of users remove it
Modern Warfare 3 (TeknoMW3)  by Repack ot Canek77
About 1% of users remove it
 

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to lb-182-251.above.com  (103.224.182.251:80)

TCP (HTTP):
Connects to unallocated.barefruit.co.uk  (92.242.132.16:80)

TCP (HTTP):
Connects to ip-172-26-136-19.ec2.internal  (172.26.136.19:80)
