wfsupertrainer.exe

LuxeHack [KANKOSHEV HACK]

KANKOSHEV LH (c)

The application wfsupertrainer.exe, “LuxeHack For WarFace RU” has been detected as a potentially unwanted program by 24 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from rghost.ru.
Publisher:
KANKOSHEV LH (c)

Product:
LuxeHack [KANKOSHEV HACK]

Description:
LuxeHack For WarFace RU

Version:
1.0.0.0

MD5:
805bd9779f6fb530a979bd0277c56872

SHA-1:
50ebde3145bd3e8d5dc0fc1dfe1e588c8d43fb3d

SHA-256:
7cc17f6084316a39f6b5ed616801622732c8d754c51c1797b8d78ecc3afe5e96

Scanner detections:
24 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:30:36 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.2209305
338

Agnitum Outpost
Riskware.Agent
7.1.1

avast!
Win32:GenMaliciousA-FLU [PUP]
2014.9-160302

Baidu Antivirus
Hacktool.MSIL.GameHack
4.0.3.1632

Bitdefender
Trojan.GenericKD.2209305
1.0.20.310

Comodo Security
UnclassifiedMalware
21608

Emsisoft Anti-Malware
Trojan.GenericKD.2209305
8.16.03.02.02

ESET NOD32
MSIL/GameHack.F potentially unsafe (variant)
10.11409

F-Secure
Trojan.GenericKD.2209305
11.2016-02-03_4

G Data
Trojan.GenericKD.2209305
16.3.25

IKARUS anti.virus
Trojan.Win32.Agent
t3scan.1.8.9.0

K7 AntiVirus
Trojan
13.202.15449

Malwarebytes
RiskWare.Tool.CK
v2016.03.02.02

McAfee
Artemis!805BD9779F6F
5600.6472

MicroWorld eScan
Trojan.GenericKD.2209305
17.0.0.186

NANO AntiVirus
Trojan.Win32.Badur.cwxrkm
0.30.8.659

Norman
Troj_Generic.ZBXUD
11.20160302

nProtect
Trojan.GenericKD.2209305
15.04.01.01

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Sophos
Mal/MsilInj-G
4.98

Trend Micro House Call
TROJ_GEN.R047C0ECE15
7.2.62

Trend Micro
TROJ_GEN.R047C0ECE15
10.465.02

VIPRE Antivirus
Trojan.Win32.Generic
38956

Zillya! Antivirus
Tool.GameHack.Win32.942
2.0.0.2123

File size:
1.4 MB (1,477,632 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2012

Trademarks:
LH (c)

Original file name:
LuxeHack.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\wfsupertrainer.exe

File PE Metadata
Compilation timestamp:
3/8/2015 7:39:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:Wbc20/G9WQkSBLKXnxxNjl/O+PloyIyeFjbQ4hD2uqGCLidQjB3PwHjV:qkGEQjBLKXnLN/loyIPjbNhauqLPB/oV

Entry address:
0x1524EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.3 MB (1,377,792 bytes)

The file wfsupertrainer.exe has been seen being distributed by the following URL.

Remove wfsupertrainer.exe - Powered by Reason Core Security