wall hack trainer.exe

The application wall hack trainer.exe has been detected as a potentially unwanted program by 25 anti-malware scanners. The file has been seen being downloaded from download21.mediafire.com and multiple other hosts.
Version:
1.8.0.0

MD5:
d2dc7681d682120bfe3e9a477c709253

SHA-1:
0b5135ef1778712d53e9db1d19995494b2ca75a7

SHA-256:
180e1325de588731090d374776c19a4018a4bb53d0151829a8bcac074471cc48

Scanner detections:
25 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 6:18:09 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.13855324
386

Agnitum Outpost
HackTool.CheatEngine
7.1.1

Arcabit
Trojan.Generic.DD36A5C
1.0.0.545

AVG
Skodna.GameHack
2017.0.2864

Baidu Antivirus
Hacktool.Win32.CheatEngine
4.0.3.16114

Bitdefender
Trojan.Generic.13855324
1.0.20.70

Clam AntiVirus
Trojan.Dropper-26973
0.98/21511

Comodo Security
ApplicUnwnt.Win32.HTool.A
23259

Emsisoft Anti-Malware
Trojan.Generic.13855324
8.16.01.14.03

ESET NOD32
Win32/HackTool.CheatEngine.AB potentially unsafe (variant)
10.12275

Fortinet FortiGate
Riskware/CheatEngine
1/14/2016

F-Prot
W32/Trojan2.NMHW
v6.4.7.1.166

F-Secure
Trojan:W32/Agent.DSOA
11.2016-14-01_5

G Data
Trojan.Generic.13855324
16.1.25

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.9.5.0

K7 AntiVirus
Unwanted-Program
13.210.17267

Malwarebytes
HackTool.GamesCheat.Gen
v2016.01.14.03

McAfee
RDN/Generic PUP.z!gl
5600.6520

MicroWorld eScan
Trojan.Generic.13855324
17.0.0.42

nProtect
Trojan.Generic.13855324
15.09.18.01

Panda Antivirus
Trj/CI.A
16.01.14.03

Sophos
Generic PUA AL (PUA)
4.98

SUPERAntiSpyware
Trojan.Agent/Generic
9386

Trend Micro
TROJ_GEN.R047C0EE315
10.465.14

VIPRE Antivirus
Trojan.Win32.Delf.abt
43864

File size:
686.5 KB (702,952 bytes)

Product version:
1.2

File type:
Executable application (Win32 EXE)

Language:
Dutch (Netherlands)

Common path:
C:\users\{user}\downloads\wall hack trainer.exe

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:HEDCJJDXb8qWvvMyesvleMkWzChpBTfgYvVtcgwSuLnKteh:HmQGbvNvjkJPKuMlXX

Entry address:
0x93BBC

Entry point:
55, 8B, EC, 83, C4, F0, B8, 34, 39, 49, 00, E8, 18, 29, F7, FF, A1, F0, 9D, 49, 00, 8B, 00, E8, 60, 57, FC, FF, A1, F0, 9D, 49, 00, 8B, 00, C6, 40, 5B, 00, 8B, 0D, FC, 9C, 49, 00, A1, F0, 9D, 49, 00, 8B, 00, 8B, 15, CC, 36, 49, 00, E8, 55, 57, FC, FF, A1, F0, 9D, 49, 00, 8B, 00, E8, C9, 57, FC, FF, E8, 08, 06, F7, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5853

Developed / compiled with:
Microsoft Visual C++

Code size:
587.5 KB (601,600 bytes)

The file wall hack trainer.exe has been seen being distributed by the following 2 URLs.

http://download21.mediafire.com/wyjatkw8jbcg/.../wall hack trainer.exe

Remove wall hack trainer.exe - Powered by Reason Core Security