WTS FurkAn HaCK g1.exe

WTS FurkAn HaCK g1

The executable WTS FurkAn HaCK g1.exe has been detected as malware by 3 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download1055.mediafire.com.
Product:
WTS FurkAn HaCK g1

Version:
1.0.0.0

MD5:
aef0278cd944bdeddcf128e46ead5bec

SHA-1:
10734d0cabe1f276d96b438329553b2f2f9f610d

SHA-256:
39b982878bdf9b12eb4a7993a1604667ae14ffca5f63f3d5919f902e06e15f4d

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
12/26/2024 2:17:39 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
W32/Sality.AT
7.11.30.172

ESET NOD32
MSIL/GameHack.MD potentially unsafe application
7.0.302.0

File size:
45.5 KB (46,592 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
WTS FurkAn HaCK g1.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\downloads\wts furkan hack g1.exe

File PE Metadata
Compilation timestamp:
8/30/2015 3:33:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:PfH52LXLpAlxlFj3PCPDr06IfAFbL2XP9GiSEhdpGBCBeHFV:PP52bLpAxlFj3aPJiAh2f4iSEhdpsCBy

Entry address:
0x981E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
30.5 KB (31,232 bytes)

The file WTS FurkAn HaCK g1.exe has been seen being distributed by the following URL.

Remove WTS FurkAn HaCK g1.exe - Powered by Reason Core Security