» קבלת שיערות מנהלים.exe
Overview
Analysis
File Details
Downloads (35)

קבלת שיערות מנהלים.exe

מיקמק

This is a setup program which is used to install the application. The file has been seen being downloaded from f2h.nana10.co.il and multiple other hosts.

File name:

Product:

מיקמק

Version:

1.0.0.0

MD5:

bb401ca5ad63ba87c0e77a91110bb56a

SHA-1:

c5223d7bbe658713e740d2617c80f9d04b1cb122

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/27/2024 8:32:36 PM UTC (today)

File size:

200 KB (204,800 bytes)

Product version:

1.0.0.0

Original file name:

מיקמק.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Documents and Settings\{user}\My documents\downloads\???? ?????? ??????.exe

File PE Metadata

Compilation timestamp:

1/14/2012 6:50:12 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:FT09sY24KCBphobcXpxJXTxPdpX2YW/Tl6F7CF3F0vuyZ4xirvb0G2iIZQQKVz2N:Y3toIXPdVfMl61CAvqi7IviIZy

Entry address:

0x329FE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.8309

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

195 KB (199,680 bytes)

The file קבלת שיערות מנהלים.exe has been seen being distributed by the following 35 URLs.

http://f2h.nana10.co.il/.../3rn1al77ww0i|823873f23accf4a9822099ef2d66c054|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|5f8138d0f0a26999432968178a4d2776|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|6b4bb58e6853a4aa57f4d8973df0a2b3|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|2347847ab848d60b5f62af637f9f1756|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|5079f137b608cbb4f837cee879186e8f|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|ded2eab99b06f8126a3a30baf57047e9|.exe

http://serv33.f2h.co.il/.../3rn1al77ww0i|ba0c4fafeb88ec6f3abbd71bd5d2484a

http://f2h.nana10.co.il/.../3rn1al77ww0i|96135603de173c4ad3b0e9d441a3ad4b|.exe

http://serv33.f2h.co.il/.../3rn1al77ww0i|8e55d5af8172c2c4c5f2d0b50dc0bf42|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|f8e8ce335cc90620ddfd326d2b018d4f|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|d2ae3f46f438b44811675b56e24455ce|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|9e1857f1a0b7b0a59d0cbdf3a15047b1|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|4a8acdbb46a3722202a618398209b926|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|7ee5182fb132590048e9c8e1a91db412|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|87fa69f2971776359dc0dc1906c56b1a|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|353edea16d1073860909c3b51340c0b0|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|39244a50d8ba92993660564852a86bf7|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|367c750b08274b2425a44a2124a21bf4|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|df7907c49323a98951ee71bf737cf558|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|a4b72b4de8a16bd061c8132514188c37|.exe

http://serv33.f2h.co.il/.../3rn1al77ww0i|98ebfbe9fd70978681e2a0b2585c12fa

http://f2h.nana10.co.il/.../3rn1al77ww0i|067dd86f47c90add3b34db637efeb18e|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|8bf90ac5f83d53502e772eaea34ebe85|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|80e9d4c612b8a801ba1a3e2ac8300ba5|.exe

http://serv33.f2h.co.il/.../3rn1al77ww0i|aaaa546e828f46b1ce5f477e604a9418

http://f2h.nana10.co.il/.../3rn1al77ww0i|de9fc26f905158115ea6fe3a715bee9e|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|8906c4e30d1808c2e031cf75f465da6e|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|2bc155e0d2aa9a4af8a2777ac4ba88bb|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|b2fb00112ccdce9f4296ef690064d285|.exe

http://f2h.nana10.co.il/.../3rn1al77ww0i|71f99dc9e8a20d1bf0fe88db01760a71|.exe

Latest 30 of 35 download URLs

Scan קבלת שיערות מנהלים.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.