[www.oldschoolhack.de]_xfire_client.exe

MD5:
1da5ba91a7c2551e9afa69d77a32da59

SHA-1:
93c07e32420ffd59ff91481343cc458b8a5d6c5c

SHA-256:
36b458652045e3e320ad6b7238ea919dca8adaf4b7c0dd772bbbc225af4dd8d4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/28/2024 12:46:06 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.8.6.0

File size:
21.5 KB (22,016 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\[www.oldschoolhack.de]_xfire_client.exe

File PE Metadata
Compilation timestamp:
10/28/2014 10:08:00 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
384:cqk+gtc2RT+8knAea5RPoJixMBk2I9aa69mN3EtmQ+mqT:X36s8gza5RCG2I4KN3EtmCq

Entry address:
0x3B78

Entry point:
E8, F4, 05, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F8, 56, 40, 00, E8, F2, 02, 00, 00, 33, F6, 89, 75, E4, 89, 75, E0, FF, 15, 0C, 51, 40, 00, 0F, B7, D8, 89, 75, FC, 64, A1, 18, 00, 00, 00, 8B, 50, 04, 8B, FE, BE, B8, 81, 40, 00, 8B, CA, 33, C0, F0, 0F, B1, 0E, 85, C0, 74, 0B, 3B, C2, 75, F0, 33, F6, 46, 8B, FE, EB, 03, 33, F6, 46, 39, 35, BC, 81, 40, 00, 75, 0A, 6A, 1F, E8, 4B, 04, 00, 00, 59, EB, 3B, 83, 3D, BC, 81, 40, 00, 00, 75, 2C, 89, 35, BC, 81, 40, 00, 68, D4, 51, 40, 00, 68, C4, 51, 40, 00, E8...
 
[+]

Entropy:
6.1498

Code size:
13 KB (13,312 bytes)

The file [www.oldschoolhack.de]_xfire_client.exe has been seen being distributed by the following URL.

Scan [www.oldschoolhack.de]_xfire_client.exe - Powered by Reason Core Security