home

18_wheels_of_steel_across_america_48426.exe

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from www.laboratorycenterconecpt.com and multiple other hosts.
MD5:
5f6af838c2bc77c306b08fc57c2cf483

SHA-1:
65dd1345b7e7587debde11ecdd502e4b9fedd1f2

SHA-256:
3b6f0824c8c706f8c0f0d98441c88cfe90b7283561f68a77ea6072b446400595

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/15/2025 6:47:14 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.141126

File size:
144.3 MB (151,330,659 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Wise Installer

Language:
English (United States)

Common path:
C:\users\{user}\downloads\18_wheels_of_steel_across_america_48426.exe

File PE Metadata
Compilation timestamp:
10/25/2001 9:47:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3145728:K1+VWTxs6LtmGPb3lmoXihWJZea3wJOWfUPvEXVeOu8p+8SWpP:++l6xmAooXikxCCPMleOuQ

Entry address:
0x21AF

Entry point:
55, 8B, EC, 81, EC, 2C, 05, 00, 00, 53, 56, 57, 6A, 01, 5E, 6A, 04, 89, 75, E8, FF, 15, 54, 40, 40, 00, FF, 15, 50, 40, 40, 00, 8B, F8, 89, 7D, F4, 8A, 07, 3C, 22, 0F, 85, CC, 00, 00, 00, 8A, 47, 01, 47, 89, 7D, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 47, 01, 47, 89, 7D, F4, EB, EF, 80, 3F, 22, 75, 04, 47, 89, 7D, F4, 80, 3F, 20, 75, 09, 47, 80, 3F, 20, 74, FA, 89, 7D, F4, 53, FF, 15, 6C, 40, 40, 00, 80, 3F, 2F, 89, 45, F8, 75, 64, 8A, 47, 01, 3C, 53, 74, 04, 3C, 73, 75, 06, 89, 35, 58, 53, 40, 00...
 
[+]

Packer / compiler:
Wise Installer Stub

Code size:
8.5 KB (8,704 bytes)

The file 18_wheels_of_steel_across_america_48426.exe has been seen being distributed by the following 7 URLs.

http://www.laboratorycenterconecpt.com/dWPBxJOuxBdsvjmAbKY1Nm0P_lfWjEg2_pRYs6YHLCAAGAuRQ1qqg_qp2ZFJrsgI8ryNc10ZnDFHICpYc53OHEjJKB h3Xnzxy9jD3XQ_1kZUPEtQtqM87b1F8Zfz3R QakNXNd0rWTg3uwF_hrLR6QGpIteGmRpSPiUYUj3WUApQ1UZzQnNpTtN2bMiTChVeiijPAyz_hg8Q6s0yExqrvBZn10EGs_DPJAzQPTJpLAYgD3XzigminDev8yJ5ZhC6D9JN0HziJGnbyG54kSwg3HvBS3lPpyAgm5xWzRrnS1MYDTcJZEYgbcmAmUUcus2TMGqgSI0PmiLLmJEYinkhYL8ivh_h6cmLMxIrTen8vV7bvv84GLu8C1vSqOrUn7W5SrSxXnheq2YtMCBpnyNcXaqrbcraW8IcbnCg_ev1ygPHzAKIFtuap2iNSA9SQEDJND4Q5jb7hA6tM1qpehspUhnINg6uQQZ1I1VdZwb_5wdOkeFokfJrEUwMsjYpYiVAm6SKGOZEKZNY7UudFa0gQdlvMY39RSu sLCh5pIJ_OwvE8QXYppXZbO0b9jbOPjV4u02ifIFJGMRLHIbpCkgTzeUad8yA==-ixqAaHR0cDovL2Fjcm9zc2FtZXJpY2Euc2Nzc29mdC5jb20vMThXaGVlbHNfb2ZfU3RlZWwuZXhlAw==-e

http://www.laboratorycenterconecpt.com/Rg0nbmNY5xMMQFqY4 IYWb2ncS83BtTA_lxISJPE70dm_sk59RxWZ1QvpKigV8MZQNRU5INl5smWd29 f6gbrSoXLmDEHtaWJdPO2LE4KSLYa4trjgxUXcyUusshBbnFKnXXLpxpIs8MZwKm38icuigG5V0reooXsZCdSVe5yHB4aiaYIqVffaLyoYF7dVn_b WoWriGyLhXHBUgXe8FAOKvb_jxmUt7yJA293qTYU76 I0QJZMyqeTzS2QIOoEWxU4ZcPC9YaZhQP0f_cTAbw804cBaJo2BIVdPXe19Y0mGny1QyarzULAaAr3pTa4tzkKaBuuEmO5ueVBOn _rF ZUrSBNV3sAumxwM3Mcec_IUel2xsz9cIrgfhtv_br8WSH3Q_kJPSXdUfvNWke1ovKq5_tXSEM6tmXET18Gj mUcUoH7Qyps3imyWUcLdf0P0_9apYqKtKB1WidfRkjXwsfQoDrr7 vrOVJmYlu C4KJBGqAnGXldwFGrH8Iqs4CXYoZbgvLgiKBKmQ_QGquKH5v0gQBPrivQnnB94AbiI9egQP9m_UQUcuX3dP6Y6xR9rIAyGxmrYLH_cefhmdkqL8rjd_A==-ixqAaHR0cDovL2Fjcm9zc2FtZXJpY2Euc2Nzc29mdC5jb20vMThXaGVlbHNfb2ZfU3RlZWwuZXhlAw==-e

http://www.tamindir.com/indir/MjAxNi0wNy0wOCAyMToxMDo1Mg==/18-wheels-of-steel-across-america/windows/.../

http://gsf-cf.softonic.com/23b/75e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=32227&instance=softonic_en&type=PROGRAM&Expires=1440633125&Signature=Pz9D3VS6shzm-z0jiGqxAHL9T5kc6ALHy5TRFrYbPhTUpFpGrSIGgrwy13pdMqR4Cs2892UejAoysSaW3HrRYn4AimSn6zdtZAiescyPCavOytVm4CBrmWHTQVF~vkzt87ilAaQFtOV~E~ZbsbeFWXxS094tkYh4kd7Vxq25Wzw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=18Wheels_of_Steel.exe

http://18-wheels-of-steel-across-america.soft32.com/get/file/id/.../?rel=center

http://gsf-cf.softonic.com/23b/75e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=32227&instance=softonic_en&type=PROGRAM&Expires=1448515725&Signature=VNAPZYAyjm24qowSP3Z5yVTVDurtpykq1~fWCuRt75UWqlWCnSWekQpHHRB8aUQLLrd-4VWMBDxbMpttiuYE4GGSLx1Y~ZoIPCKcnZPF7l1adBA03kpWg69qJOQYooDo1cdviqHqcXpB-GCAZMHXlCoSUPJuzYXQ-ZVWFCHV3o0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=18Wheels_of_Steel.exe

http://acrossamerica.scssoft.com/18Wheels_of_Steel.exe

Scan 18_wheels_of_steel_across_america_48426.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.