home

bolek_i_lolek6.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s98.chomikuj.pl.
MD5:
09c7cb4f68a7f7bb2f5ae59036f36507

SHA-1:
7c3539bca4cb4ecd8ed6920c94ab19e4b7d3a403

SHA-256:
eb6cedf6879c2646dab7fbd1ac5f5a548e5f80da2dfcf184f11c3bba02d2b7dd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/17/2024 12:52:37 AM UTC  (today)

File size:
593.1 KB (607,341 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\bolek_i_lolek6.exe

File PE Metadata
Compilation timestamp:
1/25/2007 3:30:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:IzqWGNTWvO/JobZrVCmBAxhLfP0FqzKwuprm1qFvTLkHZO/Xyg21mec0J:Iz7GNTF/abZrV3AzLfMdriqFTLk5jT

Entry address:
0x1E5A

Entry point:
6A, 01, FF, 15, 0C, 70, 40, 00, 50, 6A, 00, 6A, 00, FF, 15, 10, 70, 40, 00, 50, E8, 98, F2, FF, FF, 50, FF, 15, 14, 70, 40, 00, 55, 8B, EC, 8B, 55, 10, 53, 56, 57, 6A, 03, 33, FF, 59, 33, DB, 23, D1, 33, F6, 33, C0, 80, FA, 01, 75, 0A, 6A, 01, B8, 00, 00, 00, 80, 5E, EB, 20, F6, 45, 10, 04, 74, 07, B8, 00, 00, 00, C0, EB, 13, F6, 45, 10, 08, 74, 0A, 6A, 02, B8, 00, 00, 00, C0, 59, EB, 03, 8B, 4D, 10, 39, 7D, 0C, 74, 3C, 3B, C7, 74, 38, 57, 57, 51, 57, 56, 50, FF, 75, 0C, FF, 15, 50, 70, 40, 00, 8B, F0, 83...
 
[+]

Packer / compiler:
FASM v1.3x

Code size:
23 KB (23,552 bytes)

The file bolek_i_lolek6.exe has been seen being distributed by the following URL.

http://s98.chomikuj.pl/File.aspx?id=41643&vid=27148756&tk=1536733&t=634613793460939665&d=60&k=1325901&name=bolek_i_lolek6.exe&loc=PL

Scan bolek_i_lolek6.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.