home

malymalarz.exe

Mały Malarz

© 2014 NaukaDlaDzieci.net

This is a setup program which is used to install the application. The file has been seen being downloaded from www.vaulthosttower.com and multiple other hosts.
Publisher:
© 2014 NaukaDlaDzieci.net

Product:
Mały Malarz

Description:
Malowanie dla dzieci

Version:
2.0.0.0

MD5:
66d0d90fd4c36a032b35f2004805489f

SHA-1:
2f083b1d7a36194a3cf133ef8bebdd304cee831f

SHA-256:
cf163fdcd368cadb7b0249f487ebf17118abb7d849c9de30c2042d589666bdf9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/24/2024 5:52:26 PM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
Backdoor.Win32.DarkC.~A
23450

File size:
3.7 MB (3,845,632 bytes)

Product version:
2.0

Copyright:
© 2014 NaukaDlaDzieci.net

Original file name:
MalyMalarz.exe

File type:
Executable application (Win32 EXE)

Language:
Polish (Poland)

Common path:
C:\users\{user}\downloads\malymalarz.exe

File PE Metadata
Compilation timestamp:
8/20/2014 8:28:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:rD4Scjmku2aToqa0a+WGC44HU8qDiGc4cRERC2BjTzQ7T6hREvLRpLL6mt2yKq6w:rsSZcqdSa4Hz40KBjTc7yEzL/0

Entry address:
0xE5B38

Entry point:
55, 8B, EC, B9, 08, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, B8, C4, 43, 4E, 00, E8, 72, 11, F2, FF, 33, C0, 55, 68, 7F, 5D, 4E, 00, 64, FF, 30, 64, 89, 20, 8D, 55, EC, B8, 01, 00, 00, 00, E8, 6F, D7, F1, FF, 8B, 45, EC, BA, 94, 5D, 4E, 00, E8, 5A, F4, F1, FF, 0F, 85, 97, 00, 00, 00, 68, A0, 0F, 00, 00, E8, B6, 8B, F2, FF, 6A, 00, 8D, 55, E4, 33, C0, E8, 46, D7, F1, FF, 8B, 45, E4, 8D, 55, E8, E8, 53, 3E, F2, FF, 8D, 45, E8, BA, AC, 5D, 4E, 00, E8, CA, F2, F1, FF, 8B, 45, E8, E8, 86, F4, F1, FF, 50, 8D...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
914 KB (935,936 bytes)

The file malymalarz.exe has been seen being distributed by the following 5 URLs.

http://www.vaulthosttower.com/PncbVgYTxcex_yGMfM8jDiCx92vJwUQw1vVzcZqrDduojmRG92UUXhXDf UlfFyjAO Yfd9DgV8ZApFsJR3JyiJ7pxby2K4kDJRli6d_9cZiqFdbUgKOEKoGd qaVHLGPdDHEOckQd7q2C0qPn7KbSxQYYZEFoRPIthAbDKPZdMxRs9urJZGHFob3KtMNNr8zbZSBMPaTNJUM32LcQjA3iJrG_tHDsjuuIE j0JPgTdO0eyELblXLGgCYbt3Mzv EAX1st7QwJleXYdlLntg5v3N17TKu7M8CX3V9D2_MWPAqcBFYKMbx5GRec7m3hizQLY6IyZbeDfq9pvAQ1QTPiCQYhqqztT o7DkKE4bcze8voBjT8KJOZTJSenQ03zrvLv3gUN15_0WOHZO305sERxsdV_RBEGwBk w_Wb 50VDiY8hlAGUTksLGfo3dUsQnRM5eSMU-GywAAARqc7GZmiUc84NMDIPBZodQiCwTqQ504xO0rLmbKGJSKwFx6pczpic=

http://www.naukadladzieci.net/.../4-maly-malarz

http://www.programosy.pl/.../pobierz,maly-malarz,2.html

http://dane.naukadladzieci.net/MalyMalarz.exe

http://softonet.pl/wyslij43125-1.html

Scan malymalarz.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.