home

foreigngirlfriend_livechat.exe

ODSsoft

This is a setup program which is used to install the application. The file has been seen being downloaded from cloclo3.cldmail.ru.
Publisher:
ODSsoft

Description:
Автоматическая рассылка сообщений

Version:
2.15.11.24

MD5:
f595af21c5aa3a2020c4310ca2d6edac

SHA-1:
f3a7b4f8bf00da0f69309a27fe5e34aa4f03a2c4

SHA-256:
425bec90168d15cda9f144cb74304ef07f31df395a5f66c9036726e88f52d4a6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 3:21:00 PM UTC  (today)

File size:
954.5 KB (977,408 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\foreigngirlfriend_livechat.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:ck9l3smP28Se8nY7PHDSA5zSmS34Arrmvf/be8ZuJ7zGkwPvE0iCWelBCh+:cK3vS3Y7vTpVarif/be8Zu9yDnRW2B6+

Entry address:
0xBDE88

Entry point:
55, 8B, EC, 83, C4, F0, B8, 28, DA, 4B, 00, E8, 24, 8B, F4, FF, A1, 88, 0A, 4C, 00, 8B, 00, E8, 20, A6, FA, FF, A1, 88, 0A, 4C, 00, 8B, 00, BA, 00, DF, 4B, 00, E8, F7, A1, FA, FF, 8B, 0D, F4, 08, 4C, 00, A1, 88, 0A, 4C, 00, 8B, 00, 8B, 15, 30, 77, 4B, 00, E8, 0F, A6, FA, FF, 8B, 0D, 58, 0A, 4C, 00, A1, 88, 0A, 4C, 00, 8B, 00, 8B, 15, 28, 75, 4B, 00, E8, F7, A5, FA, FF, A1, 88, 0A, 4C, 00, 8B, 00, E8, 6B, A6, FA, FF, E8, C6, 65, F4, FF, 00, 00, FF, FF, FF, FF, 11, 00, 00, 00, 46, 6F, 72, 65, 69, 67, 6E, 47...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
756 KB (774,144 bytes)

The file foreigngirlfriend_livechat.exe has been seen being distributed by the following URL.

https://cloclo3.cldmail.ru/TuxBPASjWfynbiuSwNq/G/.../HTPcZbD8k?key=2a3514a7e8073204331bc465022afefade0eb447

Scan foreigngirlfriend_livechat.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.