vipmodez.exe

NovalEECHCheats

BKHN

Publisher:
BKHN

Product:
NovalEECHCheats

Version:
1.00

MD5:
9a0849354821e4da732a020c9627c917

SHA-1:
a24f09f73883af436ba75f8a5cd1039fbac45a41

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 12:47:55 PM UTC

Scan engine | Detection | Engine version
McAfee | Artemis!9A0849354821 | 5600.6717
Quick Heal | (Suspicious) - DNAScan | 7.15.14.00
Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 23.00.65.15630
SUPERAntiSpyware | Trojan.Agent/Gen-Alient | 9779
Trend Micro House Call | Suspicious_GEN.F47V0201 | 7.2.183

File size:
68 KB (69,632 bytes)

Product version:
1.00

Original file name:
CFCheat's.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\vipmodez.exe

File PE Metadata
Compilation timestamp:
2/14/2011 5:31:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:tOJe+wwFfB9PM82nFuYUlY+pFhJgElf6VlJAANOo8uiPbTiADEokKN2DO:tOoCFfjM8mFu7lY+xJ1AAVuiPXiVRDO

Entry address:
0x128C

Entry point:
68, 3C, AE, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 83, E9, C2, 78, C1, C4, F4, 4D, 89, B2, 76, 75, 38, 48, 64, D3, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4E, 6F, 76, 61, 6C, 45, 45, 43, 48, 43, 68, 65, 61, 74, 73, 00, 00, 00, 00, 00, FF, CC, 31, 00, 13, E2, C7, 5F, 5C, 4D, BC, 8D, 47, B4, 12, 29, CA, EC, 12, 57, AF, C6, F3, 86, CE, 19, 71, 68, 45, 94, FD, 64, 81, 18, 82, 73, F3, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Entropy:
6.3888

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
52 KB (53,248 bytes)

The file vipmodez.exe has been seen being distributed by the following 7 URLs.

http://download1957.mediafire.com/q9h52h2g57bg/.../CFCheat\'s.exe

http://download1134.mediafire.com/e26we44h7k8g/.../vipModez.exe

http://download1731.mediafire.com/v2dwt6suj1ug/.../vipModez.exe
