kurka wodna.exe

TopWare Poland Sp. z o.o.

The program is a setup application that uses Wise Installer. The file has been observed being downloaded from www.gry-online.pl and multiple other hosts.
Publisher:
TopWare Poland Sp. z o.o.

Description:
Kurka wodna - Demo

Version:
1.0

MD5:
3e41907dc51efe7862b5476b8c09c5c2

SHA-1:
62fbf9672f0ce9801e0987e1582ffe5b9032b4c7

SHA-256:
ebb86c625b312e6f39054a9f76d8a7029e37964222c5134f0982835713313922

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 4:32:09 AM UTC

File size:
9.4 MB (9,828,419 bytes)

Copyright:
TopWare Poland Sp. z o.o.

File type:
Executable application (Win32 EXE)

Installer:
Wise Installer

Language:
English (United States)

Common path:
C:\users\{user}\downloads\kurka wodna.exe

File PE Metadata
Compilation timestamp:
12/3/1998 11:11:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:5JZiqfzJZ3o2+wPil3ZMj7E2d0B3742Sp5QZp6c9FGIxsF7YoKMt:5JZ742+qmpCdur5SjJc9FGI61t

Entry address:
0x21A9

Entry point:
55, 8B, EC, 81, EC, BC, 04, 00, 00, 53, 56, 57, 6A, 04, FF, 15, 64, 30, 40, 00, FF, 15, 50, 30, 40, 00, 8B, F0, 89, 75, F4, 8A, 06, 3C, 22, 0F, 85, 98, 00, 00, 00, 8A, 46, 01, 46, 89, 75, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 46, 01, 46, 89, 75, F4, EB, EF, 80, 3E, 22, 75, 04, 46, 89, 75, F4, 80, 3E, 20, 75, 09, 46, 80, 3E, 20, 74, FA, 89, 75, F4, 53, FF, 15, 54, 30, 40, 00, 80, 3E, 2F, 89, 45, F8, 75, 30, 8A, 46, 01, 3C, 53, 74, 04, 3C, 73, 75, 0A, C7, 05, F4, 42, 40, 00, 01, 00, 00, 00, 8A, 46...
 

Packer / compiler:
Wise Installer Stub

Code size:
8 KB (8,192 bytes)

The file kurka wodna.exe has been seen being distributed by the following 9 URLs.


Scan kurka wodna.exe - Powered by Reason Core Security