» 18wheelshaulin.exe
Overview
Analysis
File Details
Downloads (19)

18wheelshaulin.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.edownload.cz and multiple other hosts.

File name:

18wheelshaulin.exe

MD5:

c980cf8430067033d91ee1a5b01ac1c9

SHA-1:

1126aeef855ea399717dee132a698afe3439e72d

SHA-256:

5218d99f9053393bf89c80505addb7a9579ec351004ef523eca197ed0c00b611

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

2/25/2025 4:11:41 AM UTC (today)

File size:

144 MB (150,953,462 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\18wheelshaulin.exe

File PE Metadata

Compilation timestamp:

3/19/2005 1:58:02 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3145728:e0TJbmQkOJtNjD/PBQGTEj6Ekw+gzEe861pX2q1ZjqmMhpnJIQA7pxkuFyvuU:pVbmQkOnN3zdw+gAGh2PHnmbcuq

Entry address:

0x402D

Entry point:

83, EC, 20, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 92, 40, 00, C6, 44, 24, 14, 20, FF, 15, 28, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 68, 54, 92, 40, 00, 68, 20, E8, 42, 00, A3, D0, F0, 42, 00, E8, 97, 27, 00, 00, BE, 00, 64, 43, 00, BF, 00, 04, 00, 00, 56, 57, FF, 15, C4, 70, 40, 00, E8, 7A, FF, FF, FF, 8B, 2D, 8C, 70, 40, 00, 85, C0, 75, 21, 68, FB, 03, 00, 00, 56, FF, 15, C0, 70, 40, 00, 68, 4C, 92, 40, 00, 56, FF, D5, E8, 57, FF, FF, FF, 85, C0, 0F, 84, 47, 01, 00, 00, BE, 00, 50... 
[+]

Code size:

23 KB (23,552 bytes)

The file 18wheelshaulin.exe has been seen being distributed by the following 19 URLs.

http://www.edownload.cz/sw/18-wheels-of-steel-haulin/download/.../

http://www.towerbitscenter.com/6lCvrkWyo4aNM6s7adh2n6LYJnuvBvT86z0DFlkFU_4usKWJbbPExEt_H2WbNU03EPm73wwZK9LWGzebX bNukAXroN9_SiwXc1b2I_lkIV8R8wS2Vq HtN27Z7fUuAq8O82GEe6vjIJyKDa1 r7fOq_uN ynS1dU3qopcCjFSQqTbEcFG4zOF9a6QjFplRfSD_t4q4pVrUndj3rwUEIs5C2hRq1DWj CSoyIr4ou4ZLqfQXMp0=-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.towerbitscenter.com/1vevbD0ckjM3FbUwhIKfHQaJzw1ZxFHrJvTz83nv_Vd8cQcujvirVPCkkqd7g13w Sq3Dgn0QzaX1q78_GS1WtH0uZyRatLAk1shzQn3KI1SeCuY2CnYXxI_B5QZuvqNLmRbzqo9v68WLTrcu9LZ8x9tb8cXaxxLVQEg_g5P6FvyjWYY5VoPR0YdF14_2DFjNNtpbUSp5pmQ1bvt_OiTDhkE 36Ux_VQAcDJgoc_qNYssrwU0vw=-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.laboratorycenterconecpt.com/ru5edBhaj1W5WfF7KhFtDbiB0btc9rHx6vhQF3tCDRUVesskd2arCApbgOBqlNo3GHgEf8qcT1cMspVau P8ar4tm9oUgjUGnGro23T3EBbfUCWwHBdIcOCdouCBit7pBUKRamjPS I vhcGENu4oQcrlIeO8_N6LkIc1X1bk0qUUZNE BprPewo4K6XTaFcNmHPj OJYP3k97Y0k5AzwdNsD3v YvdH5YgLkhoLfIUFaICIhtaYd5BNs4 PiL3HYj9J04cXX295lRKPLqWTh7xXdet0PIqc5MexhaSiJzy79WPC8Rqvn_BMMbetqqFUBaVQqiGEDNEfcxINtVgP9t8zSjVHJxXyeRRERWiPUSiFKZIuvBOX2aP WrYKEQqjLX7pw6wtw BGQRM2QI9EXhiGxis JF13cAWas45FxVch7Mfwneko1RY8bgMpV2aLwYketlf3kTvJtEShxAf4JErSJWH6D4kwKQbgG70CA0sxZLjaRH82wn7MaPBY9AuKHFoYK3Xa1EzT2UYGkBd6ecWBaUl2e15iox56f d9hBUe7aUB8cKBPuAyOqjl4XJkz9p70yWrsPs9RV1kdHZ9T3ALCSTlGg==-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD-e

http://www.towerbitscenter.com/_nWS2iuX9ssXgbFvkGYYPG_vnZzT5BBy44ekDqYTdIFFD8fasazvo qrE3haCCR45mTwiqYlJeUj0IjrriZzOWQ_mvk Z22zGlKh_vGp SyFqo4Fd4l2JTd7Qn9BgR6lrUqTRpm7Jk_YeRXhkqYKHCxrT9qBSIJxBaPlQbQiOY6zb_5dpTimgEJt Bv1ljSiAGyWtDxj_8HtIrSf7FsU5Cfl2U7kGJwXdNz3999ZruXI7JdjrY8=-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.ranchsendgift.com/ghYOZDGvCWSbCtq4dNT7Fs0UaxvNapiSU0NdhOr7u1a_8tnuNIeYm6EqLjA2bN1C9Jiy_tsP0RGyHE0rp3GTwV0zJqspPBJBqxCbdhN81Ms2oXCOFipajASIUuLsooqH7WfSH8Few8sSFDmfwHQtnPxCNhNyTVrnMxoDUW7dNgV9i R3gAHmILwSmpTWoYIwHf8V4IThpD7sFnxR KL9xAQ9esuSJg==-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.ranchsendgift.com/F3KMknbZ2sL00l64PGIcwbRWUf719QDJK5zfDn8A3fC4ecn9Rpj0AkOvC42Diom7ZJdkcUTrGfwpZ3w1rqTu3Z70yjTOy63dsy_JLO2v1DLbZYNSe2lfYCpKv03gBMfQMQAsG4z4tuT0pLQMrGEWBoAYpyUjTVvpqThqBgs7K3N4d8rMJI5WzpNAu2raQFWuOOzKYLlluz8jg_dqxv14TOL3Bno4Iw==-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.ranchsendgift.com/idu5GzuVYnAcp2_H_ ITsr6hfmSsfwpe4AkvJI1LGGX0rcc9dDrkU1ZxrQoHv AOrBMqU6tOyM11U8xjHQycS5wd8umHTffOZjZlQa4tz 8LNbRkSXSuoZvsL2_hbPBw3eqp_qu8dA_g_yfThBGqz25DMUZLrU3Khk y_styO8fXYWiwXtAXYIeGxyUSyLqOcEAqzI2cM6CO4Ds0TXpkAGuzH i0Sfcll50PQh3pztoS4SDo6o=-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.ranchsendgift.com/IXtk5QYnKy6ouiMVDNj_DHSKCjDpnSNuwE9egj0D6DKREQFxYy Wz1xNYEmTGaDuNZp8Sgkvp9AUR6TZRbzC5fNYQpmmsp7pbr38xZwlW7bhEIDTPqeg_Vt2Tl6IfeerBKzyY9BTSVGY_41yMce80KHRKB5Ej6hmRzRurTFKATchuLEe4a0k33yILSYEvF89FRNgfi_Xnv3yyNYaO3NN 02q2oOdbb 6HErkIKxyrUOTol_AnnE=-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.ranchsendgift.com/RqjJ0uzKXh043TOd8GcyG0LLWoVqgSdOr5VMR8hXUrvO9SUcm_Tdhj FRQcdvgLXNEJ3YvR8ObVjrFN8ep0yVNJL x8MLML0UASO0YafkBZ5VdlSpZWaeLoDOK1ao8IS2thwelmHwEKpjooFoK9gqEA4eDndzTXoldPGWGBzgOQs5q46DJusPPOMpeFzV06mEOqD9gqzqCAhETQEu0HIIPRN6MWuks8YNm9ff9nX_XUdF8HAZ8E=-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.ranchsendgift.com/9 oMmZb0inlwBi48YsN IM79XBq_LzT44M7GYxRU_ddQafnfLbQfjKFwAYGeXVyoXi9RMr1gACCs2Bq_PomHq pO5Wr pDonPtd3vqJtRx3wmHQsR92 gTiIQBNhw9oMhVEgOHqrVvb_4F0VIW2xBsSan75FOhZLRhq1m4_NIS di JfmTMe KzJVXT5NGA1J1J8ap N ig54H_MT9LD1D5un4zmhA==-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.laboratorycenterconecpt.com/nUK4Da21toJP6WPzRuuQW3umXIHjXDnmHen dTw9AGx2xBACLcmNTAvon YgVz2Ct_tGxo10mPQs OSzfSnD wSRc5IrrYULdxcRF_tcO5tAugqRZA2TNgNizIEhqH4KH_ nraoNF533UJOFYwuNX8haxLMCp6ipLJuFpDdirc2Gt4er8S53wJXuNaQBm3uf a BjSldTdl3pheErvskrC4GTH3xgyuN 1gdx5Vl fjBti_dLHzOb7SPH0N8C_Sc_nNJYOJpx0biHJcK9f8MBqV1hXekv7q6heaK6egnnAgjZlOtzdQwVzD_GUE53LP QrgYxjVzPVoEFyKOY6MWEThfff1YPX9gPZKMGbplCT3_GHnnGsv4JjGjybxf9WdzBYdUt55yQZ_0q_YKun3o3iqabOARMgSMDoEONgtXziU8EQb vyemGOaVsgUgX6XmVH1e3SNPuKK6zqiMTLOCe7TIakamO7lHSXMwVyoZ4reFn7eoGSSueyhadn6bgy7OaEJTtAh5uioskxWApxWL6jiL1Vl04igwtdsZgHr9XCBj7UcLdz7kXg4u_YJ2JlPDIOxYyTFI0qpKE4LLsvEzrzQjwxTRcw==-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD-e

http://www.ranchsendgift.com/zCYZ42WijMKJWWraWGuxI0mlycmNIIaaRVUIH1U7UmVnLsPDFPwJDwJNFodutBI2C8ZykvpjbBIvhUP Mqknu fVi_Bwr85c0cmdZILvZZm_XtcGP9QCL62KURCZFYIWidjRr4VgWwb1FbikNjtWvQ9V3O7 RlnJDg2TiEB2gfPqea8PgM5zD_ydjdxDelEUtvDOa34kGP385B7jZJ5L0VCiyVJkDw==-ixWAaHR0cDovL2hhdWxpbi5zY3Nzb2Z0LmNvbS8xOFdoZWVsc0hhdWxpbi5leGUD

http://www.oyunindir.com.tr/18-wheels-of-steel-haulin-39-16-demo/.../

http://ultradownloads.com.br/.../2,245594.html

http://18-wheels-of-steel-haulin-039.soft32.com/goto/file/id/.../

http://18-wheels-of-steel-haulin-039.soft32.com/get/file/id/.../?no_download_manager=true

http://18-wheels-of-steel-haulin-039.soft32.com/get/file/id/.../

http://haulin.scssoft.com/18WheelsHaulin.exe

Scan 18wheelshaulin.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.