» kulki_v50.exe
Overview
Analysis
File Details
Downloads (23)

kulki_v50.exe

Super Kulki

ALLCinema Ltd.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

kulki_v50.exe

Publisher:

ALLCinema Ltd.

Product:

Super Kulki

Description:

Super Kulki Setup

Version:

5.0

MD5:

0e2e77bc39ad881d17e2c2f67964727c

SHA-1:

c64d347ebbe4364130cd5b9f4a08471efa0f8ebe

SHA-256:

e115974336445f2c83c6f4b068d5c8f362839fab2c850d1b9ae777dddf8ef819

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

12/26/2024 1:51:40 PM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

Win.Adware.Adseo-4

0.98/21511

File size:

6.5 MB (6,823,849 bytes)

Product version:

5.0

Artur Majtczak

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Common path:

C:\users\{user}\downloads\kulki_v50.exe

File PE Metadata

Compilation timestamp:

10/30/2010 9:54:54 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:5t1Pz53dmo1k836bf2vs2mqmM2OT048hzShd:5t1PzzV6bYmqBxmh0d

Entry address:

0x16478

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

84 KB (86,016 bytes)

The file kulki_v50.exe has been seen being distributed by the following 23 URLs.

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1481435688&Signature=YFdvz2g3uDYaPfHy7zHkT1U9aZHRCOrI5jKiNhq-ocJ-2282OArbsEpkgWvfqt6bATSSssfunhQr4Og8lw42nsrEMj7Z5ylcVZ7hw8~hMiE5Hwb44VtwOXp2~o9zAygqy0s~sENQ0oIC~xVXhXWH0Nk9KdYcgsHXHOYp610T8js_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1488055078&Signature=ZOLCok6iez9WkNKW7893jPSU56U3~i8ZyLIEp-CHiCnlIBWo0lLsRIHBFmi41WIJx5wcDinTNLVyUGWUv0SvfK3Ld1-mN1HALW6iKmBszXcxN7LUFl1x6Xen~xH5b5buhTd569WpND1sQaXxvQcjFhGZR0CRBJkaHn9mM0Vxszc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://s10389.chomikuj.pl/File.aspx?e=OotSdlTOjOhi4y-Qy_LB3BJ1ICdBl5UEsfb2tzi6dKQ-D0iYL9DBTMeqQYVLL28UfF3Rqmegxen3wkfuRcY-J55DsMsA48HUhqO1s4V549gMrTTx3z-MghTl0Ame2TIGQtKMxqnhM-bfHDQvJ3Xldw&pv=2

http://allplayer.org/.../Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1480156117&Signature=XddGVAGpKH0~xDxViXggTWV-Ll4j8AsXNShhHfeqnLA~OVP~BaJqXQVDUx-nCB~QH6FuySlKY6dAbUJnnaJ59eyuSDckbCakgYxjNZ53IfGHHxUuTOXlc1yfboHB~~dHaf97awgO1MuzGaS0s~TSEkxaaaSt4eU4q7cC2CvMBMQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://i.download.idg.pl/fannef/e443ac41a7076395167db2d1289620fd/567befcf//zx/cyberjoy/dema/s/.../Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1474438273&Signature=CZclwsOtTWZwAiYHEelujIT0dtGiAuL7ikJnQG9KQelOmmnHMN0xU09JRLXZu6FPSUEF2OBO7etSZTb8uwNA0J~qHRbw0Bs1aTh90ZsMn269oTVnVex5VQezeYAnFqlK6N7kMaaa2R9G8uSEs7j04t0A2QwirN6S2kI2QrPVXeU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://i.download.idg.pl/fannef/1a453dd0a7126b5a7cb60aa6ab11d0f3/56e30598//zx/cyberjoy/dema/s/.../Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1469770740&Signature=DUIco7qHyPBpD5h5xWe5QigXx62EoXCAS~c-KMh-F3ZjhRcu9LZbluFYLAJ~56LfJCwRHgwoG8DtIg-1CmF9omLpo1GC0X5oStosEHkM8dChHtl2Ef77xU78e8ACnVNZ-JkuwhCOFSK5g3W20VxLqA-slz8~lw5Rb0~2Efqs2wk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1451540250&Signature=Hu6lVSenPo9sy5r8oxjqppCAqeyE3TvjuSItZf9oG0yrIR0~yjzSBYUPXO0ud6wpL0xkrpbJTaOqfDGLYeQoiQpAocLH43xSEsiemXcJwUneipi9pkTVXrWgAQDUNcm3bGaPphltsmukWh3BT9wAehSBvoCtifJk45DSzv-alRw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1464924067&Signature=ZJ2yYiJTLQZrnmVZHDudqnwpr-EoAH5cdb47gMUucGD0IiAj5BMeNNQKNMovceOHmj8Ei6FFN7cy6RHmfxDsJ0eN96US9uc1JuhqMYFZx0NZwDrIE9QD68yh08cbSxtW7Uba9RqgznLDGf0IFL1RsCoD0QPUZsSh1fAD1vXQbtM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://cdn.komputerswiatplcontentlaboratory.com/c?x=h42qDZZ9lakQ19nXwoJsoS9kFLXG4pDGEP1SjpCMV1c=&c=t66ntgrHkhO2 CHV70sAWHp5KzbNusbVEZLopkdSwMhpl7q L9AMgUTREVH0YHCYIdrElBaRnDChZ9sOKJ6ZFDOFcG8JYATp2ZxKilXjc8OygpO4kbz FlsT/6R0X9NadYCX21xmKK7/GBo0Yt5X0w==&fallback_url=http://files-download.komputerswiat.pl/GryIRozrywka/Logiczne/.../Kulki.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1456314951&Signature=Xpjdc5qD3tvbudttedLKimiR2sluAmmrr1K6lEmk7NFcAODm1Jb7oJrSosYHtyEr7Ft9fJ6widoG4s5kuasM-ir5ltIy8diwdfZouEuHDRsTiUh1sb8srcGfCKnwMj4N4nA~-lT-XzYTfxtUKRGaGPLrXaiuPIata2GFqI3XbUk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1460423872&Signature=Rl2zBBTZp-yzjZJCyXv2oaM0OVQFfTr098w1ezOQ2kxCh8HGBxv5gypsQovyUC3i558HqplUUGZZaPpgEPySwfGSYJWjUqmaXjqcDPB7y5cQfeD2T4sQwPvGXamN2EULODeWNa2mZJFT0~8yXUv1U0yCQQkdee0odhqZ1AUIzfc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1448143344&Signature=SCcbrkT5LC8ktekIeCnct7e-YZITL11OCiEV62w3L025Yx3p~iP22A3-34QnbOPDwv4RGAVqxe0tc3RreZJevHq0~SmPdC9toIX3agnz2SSbNsh1~FnuokoiGmfJ5FRSJZEv3NCX0uRx5NRdj2wpsY~-qwRVHf5RDPlEhHSulnA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://www.dolinagier.pl/gry_do_pobrania,kulki,10,1,super_kulki,171,1,0.html

http://s10389.chomikuj.pl/File.aspx?e=OotSdlTOjOhi4y-Qy_LB3KsSOA-zfmWQXQZlz6TH3CEmRYJVw27plrrzOXZeOgToIJQmgTZJcQlMoYsyqXHAdoaUmaMT30Mca8kmzwiRUrWKRhhnTgKYe_ZwTwrixKBGltBH7FdrqlaJExdJ2_-M8g&pv=2

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1456256893&Signature=Cu5FvvVMeCLjPz~RtZMyDQpZ2lhsOkailf2ewXF2IVxDTgfFuvWxkg~j-WmQxGfNV4fZQfqe4w56NwU0TdJ9Ui0L5LIQBVhVC~saTrUCWKJjkx~uAr1OljpWypyaKABr47HARAaxYirJzARacbmMfSo7potAQsq2jTogfVR0Cjc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1457766950&Signature=NdizMFl2h5zpmCrJDYu2s6DsBrHGdICVh1q49nJs9S5F8r3HLnXwTdq~vA-9db43FiX-O4CVak4FM-NbGEM7BHVWP3zgTjkFz7SGElhuWu5dvZNkr0chbJwSXhvb~lIVirSgaWv33qYvPOboJWlIlxo~9SpLjbQgmTdME~4BIJk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://s10389.chomikuj.pl/File.aspx?e=OotSdlTOjOhi4y-Qy_LB3BJ1ICdBl5UEsfb2tzi6dKQkUou7cV5o8yrCZQQsxBvDf43j_5zHwbHrf4IuuXmD3NO_Tw3Yb3d0vdNnosBB1Bw3gZqCFO0xQrAsNmcnytzdZt-lxgZyeqSsWf2mz73PNQ&pv=2

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1436466418&Signature=S5t7PQWxPsADnAVDbonVMhXJ4lirymK~2hzC63FYfM9dKGMUkmLPZpDUUBp45V-fiSzB0IErou60O3qNn580g3HXXCukp5nMV~PPTUH9MW71ZD~yT791jkmy4fXbKQdUJ6yNZ3Ew0rh-3qWB5aShMCphVHh8sBMLmiK4XCn7wac_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

http://global-shared-files-lw.softonic.com/c64/d34/.../Kulki_v50.exe

http://gsf-cf.softonic.com/c64/d34/.../file?SD_used=0&channel=WEB&fdh=no&id_file=98348&instance=softonic_pl&type=PROGRAM&Expires=1440738159&Signature=gLxw8ta-yXA04sm0xVZQksAdeELvSQyCp1CdDa0Sh32P2wifftaP2REjQwzvtMZdMUwhy8UwGFCsUgUbnYL3Iup6lWEQUxInjn6Y-sRTS2e7Bb00QO8dimTzp6pvS76VOYpeaUZDR3wWPGSTRimuz214QPcSPny65Em7nVosqmo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Kulki_v50.exe

Scan kulki_v50.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.