american truck simulator.exe

The executable american truck simulator.exe has been detected as malware by 3 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.downloadappsflash.com and multiple other hosts. While running, it connects to the Internet address milda.cloudlix.com on port 80 using the HTTP protocol.
MD5:
d0e96f86c1e2f9943e200afa9c1a4fd7

SHA-1:
7b6b5a4bcfc3245c56a1030f1672322ba987b74e

SHA-256:
688c99e92c2b800ec772655cda9ad5dfb8eb92c4591dca583d6c729bda8bc7aa

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
12/25/2024 12:59:32 PM UTC

Scan engine | Detection | Engine version
Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1120
Reason Heuristics | Threat.Generic.Variant | 16.12.10.5
Rising Antivirus | PE:Malware.Generic(Thunder)!1.A1C4 [F] | 23.00.65.16205

File size:
351 KB (359,424 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\american truck simulator.exe

File PE Metadata
Compilation timestamp:
2/6/2016 3:14:18 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
6144:q5SEWs0tqUmR3w6moZXtT4ioPDgY4j04AEqOZ7:qMs3Ur6mCTlpZ7

Entry address:
0x17225

Entry point:
E8, 71, 05, 00, 00, E9, 80, FE, FF, FF, FF, 25, 60, 52, 43, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, F2, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, BC, C1, 44, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, F2, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, BC, C1, 44, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45...
 

Code size:
205 KB (209,920 bytes)

The file american truck simulator.exe has been seen being distributed by the following 50 URLs.


Latest 30 of 54 download URLs

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to milda.cloudlix.com  (5.199.161.37:80)
