home

kulolamacz.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.polpress.pl.
Version:
1.0.0.0

MD5:
583125267d476cd85ddf36fd8ebe886f

SHA-1:
39771668f25c4ebf1c67e934523277d35e22cc78

SHA-256:
abdbce5826cd6a857cc2db98bde0d364e85e8172568ed8a923e28b84a5e528c0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/19/2025 5:14:42 AM UTC  (today)

File size:
3.6 MB (3,782,144 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\kulolamacz.exe

File PE Metadata
Compilation timestamp:
7/2/2014 11:39:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:c3xtff7WBwrOVQNhS+T2rgg5uHnirmTcLldjDezSuwYPurAm6qlZ5U:Ux5f7zrOVaxirDLlRDoSYPurAm6qR

Entry address:
0x2124

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, 00, 65, 00, A1, 9F, 00, 65, 00, C1, E0, 02, A3, A3, 00, 65, 00, 52, 6A, 00, E8, 17, C5, 24, 00, 8B, D0, E8, 06, C3, 23, 00, 5A, E8, 28, C2, 23, 00, E8, 57, C4, 23, 00, 6A, 00, E8, 68, E1, 23, 00, 59, 68, 48, 00, 65, 00, 6A, 00, E8, F1, C4, 24, 00, A3, A7, 00, 65, 00, 6A, 00, E9, 03, 89, 24, 00, E9, 9A, E1, 23, 00, 33, C0, A0, 91, 00, 65, 00, C3, A1, A7, 00, 65, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, F0, 00, 00, 00, 0B, C9...
 
[+]

Code size:
2.3 MB (2,420,736 bytes)

The file kulolamacz.exe has been seen being distributed by the following URL.

http://www.polpress.pl/kulolamacz.exe

Scan kulolamacz.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.