» polski vag 4.9.exe
Overview
Analysis
File Details
Downloads (51)

polski vag 4.9.exe

www.obd2.pl

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from docs.google.com and multiple other hosts.

File name:

polski vag 4.9.exe

Publisher:

www.obd2.pl

Description:

Polski VAG

Version:

4.9

MD5:

be51242f3580ac99332aad66b40bdbee

SHA-1:

db8089cd37de46fe56348b93656403e366d0da0a

SHA-256:

132d7d275a1b3a406a963f1a625a3ceb4bea174ea1a5b22135f4720d8db6046e

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/15/2024 8:21:04 AM UTC (today)

Scan engine

Detection

Engine version

Vba32 AntiVirus

Trojan.Midhos

3.12.26.3

File size:

9 MB (9,414,111 bytes)

www.obd2.pl

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

English (United States)

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:wAYk8lGOAKe8/yx9i6FG3KTTSth7dL6Q0J/Ev61dxm:wHk9KpAY6FG3KTTymQ5v61dxm

Entry address:

0x998C

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 3A, 97, FF, FF, E8, 41, A9, FF, FF, E8, 6C, CB, FF, FF, E8, B3, CB, FF, FF, E8, 12, F3, FF, FF, E8, 79, F4, FF, FF, 33, C0, 55, 68, 32, A0, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, FB, 9F, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 06, FA, FF, FF, 8D, 55, F0, 33, C0, E8, B0, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, EB, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

36.5 KB (37,376 bytes)

The file polski vag 4.9.exe has been seen being distributed by the following 50 URLs.

https://docs.google.com/uc?authuser=0&id=0BzBIzdg0q0Z7b3diY21BNklwTUE&export=download

https://download.poczta.onet.pl/40621652/.../setup.exe

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF45Gpe4PWfCJ852tN-AJoauu51Z9PUEPVAmRRm1DONYo4tNHtIwgdwy9CJFCFBNrBNBLDzBUZQlwk0ZKJWfWSfsObuPTnTjhjzaqAtJG0o222yDEWLFz-lOQPjf3WjFy_JQ&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF477fWp2JNDhV_ufdehglSbYA1JQiyPVinB5qaLBBdLK8JsdBRQzEmpR6RWxyeuq31yED0vaIIdhGWrlH2YZjJ6wnCNlgKEPq9DRB-cy9EX8U&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF4zo_9j5vmnBvpHbl7X4q1uhvrj5KhLbjeVTtpOdHs2L93dDc2G1mBvL0F3b30tNyxQRWsY1MmNUN8rpFbnn7VHMqgS9HXuagJrH9VJs3hoaW&pv=2

http://s7018.chomikuj.pl/File.aspx?e=97ZzgLyJUVppMAoZTHf1c_-pD2XUXn02uCutIsBhJeOQYWDD_hN3YmeaDSwAg-G3WRGQHF2ZcZf6qPT4kky7rxOZN2RhabO5NExKIooh2HGBBglZEC20a9BP1lxCQpTYS3_T3WAysLebFT92uKIQyEPDdhQC4CTcJMQoZq3m81s&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF4yoBaez8E1Fw19rOk0Jwsu4sm98rh-uEnHlLnQo-zL6yiNLwA1Poqt7rjhRu16494jqJluhuacCr0k3qQrFHrzekxPQwe0lCuAx3PVTvkMeCFxz3P3G1RsGAFlO_00VMBQ&pv=2

https://nowy.tlen.pl/api/v2/mails/messages/10001-3129a8a457855df7bb47b015/.../1.2

http://s7018.chomikuj.pl/File.aspx?e=97ZzgLyJUVppMAoZTHf1c4w0pKgXsirFW1OmNEx7xVYon3iVMrvPeELrI4zQBTdSfTBByZZKeBAlqhctTWaFaz-v6AtyFmRpmzD6m-H5Tvp_9GtYXeQ-XHP_j-GltgHLk82uRa8YdISmK6CMAoAhHg&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF47AGxxzD1be3FqNbz9JwwGpW4JD5lzyWJY4IvXp4q7vhe_oMKy8T7f_pHS7pX0B01aRCaNOmfwPjDBMi3CiWTyLXRaodLEMVbcUP5feUM9HfhKxbUdi4yGAsQDMg0nP82w&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF493MJ7AUgqcMfleLFSc04sDz2CP7yPCZzgeT2Qgg7UPbluxl1gM0eQ92LASBTp4lAsY_1vbd00Td4E36154LKoCZOBbbbVlnBMYvmWDh06Dm&pv=2

https://docs.google.com/uc?id=0B7uHQWU2hfJDYUJleTFDa0xBa0E&export=download&invite=CIe2_r8N

http://s10095.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF432J5vJsQVqbriPbsCJcwSY9SlSqPZHck6QfRodG_NVa-iL_JErysRYDepnysBTYNdIGjn6tC3dRsLa06495EVtL0GBcAZNASXVZuwfGdzYM&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF4ygxhvVloB0RWsbMVWXzI_pvvnOMJVAHYj-vhQwAzq7qkAHlctwkdJdYlPIupMDJXKogiboFEClZUjLXq4GPfLGv2qKyjL6aGluQYN_sLcTm&pv=2

http://s7018.chomikuj.pl/File.aspx?e=Ia2Pxrczo8MmQKpTt7syyRVBthDhrrjM9krPgLPqfo6dt7841vjEXjclPJnK98iUaC2sHGPlRvZxPKUeM6jgniBDpkZxyiYFnwcMI6_CAEja126bwUjEt8ZmRTkdQo-DIqefmjhwUof0UT9iGNqvFQ&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF48I1KFdOYYJysjv5rPwnqgDNWJkcpp35K1S2v0kuxXUuoov834ZRU0fJMeo5HhZ7MZwfYwb7QlBRUF0-59MbHq9u6lr5ry8z0EgBBIv-rGb-Ha0IS48Xs8FnpoMRqtHcgg&pv=2

http://s10095.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF4xWfLMt23tt5fQO7x3kbVcX8PW6h1yLNmn-ENIexlJ7jwUTQUzVF77r5q2X_ywq71oCoi5K0_BJmk_cux4JjMam6dkWHCbRpcCnkxy430lmejA_Z2OE-neBZBCi3FsyMZohBSBX7fPnLOmYq09KYaFk&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF42Q6DX8JVSlV-7H5r-CnxV84VgrfoJ2ps6lMdVaOcCxmUguarpqXA7JslZ3JWpBJHZBK6dL7id2kVuy1-G2u-j3KavQdqYReCVesAS-0nAKT4XT4TpuKM363StWeZYy1uw&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF4yoBaez8E1Fw19rOk0Jwsu7WJ-TVhgFHU5xIMIB5Bx7DSn_Uc_iLjBmAU2K1PSDMF7y7iHQxoFMLzYme0cbRAJm-zLH32LTpnVVWGSrSAzO9V7QbHRnUliezcYotEjBbSg&pv=2

http://s7018.chomikuj.pl/File.aspx?e=IATZXbfVQJ2FHSy7typSEJlg15Wi3Cglm3-cdE411Pv1oPez4halbEWHKA96UhHTd3MHFpfiwwc9bRp_w12KPHpO5JjKG1N8Vhph4sVUPU_rZN2X2a2Tq-auP1vU_YEX&pv=2

http://s7018.chomikuj.pl/File.aspx?e=97ZzgLyJUVppMAoZTHf1cznfez40Ld20pufX5J-DOLRdsWiCX2Mq3wvx62umsO0A-34BPD-jm36MEmRireSfl3QxFB-4zAhDZQ3lRDNiLK_lEWJbwbwilerFoBakuj60jgXiWpgaG34lUvkamwjFYD2Pe2xQEecGO6e5MmB8lPs&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF49n1oPwTqnGN83WFbNe6NlFp3nfTL81iPViyTsoE-E82G8mbuiWjQtSI-1seIY3FveHIRnog7wmipFMu5wgqBQrfVzxvdgNbAyeqLA0-WGi1&pv=2

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF40Tw6Im15La5Fl4C50iQVshC_jjVn7Bov7ETj9QItKO_rbyfFuv5h0FWqZfIsU6RPMscZMhfwGsPWie6DEaz_6nb80_JEU37A-bgCyrB9pmR&pv=2

http://cdn.downloadcobra.com/.../setup.exe

http://s7018.chomikuj.pl/File.aspx?e=97ZzgLyJUVppMAoZTHf1c-5E73j7izJDRTmq0OQg1vmGjVoMH_ahckfhFA6RT1989gTQwalRjbotSQNl9W3WAyQWCMAE-N9otK3s76MOrrfcI1G74FJCTGJWBs__cvuxfbrmmEmpI8b9INf-wO1QaQ&pv=2

http://s7018.chomikuj.pl/File.aspx?e=97ZzgLyJUVppMAoZTHf1c-BbOMILqWvAfoTSRVb4JEZmGonalFXsmSzxrb9VDPS0QLB2631WG8IqMgh4wGAZ1OuO7_vGPYw4IW6IOw1mdv_j9LRnmzhoKlmsj1JYUj-juMbFPb6S8-_LPJ6Iy_PanxYe1k8efDadlDygyRToCzw&pv=2

http://u.poczta.o2.pl/?cmd=getpart&link=A01302AMkBUP3TbwiYSAtPzbaODNAP2OtLTPscDOAhWaZjSMeP3OxPTPAaTMZPDMAhnYwjTOZNDNoNTMJ83bwjTMsfDMkejMkhjYRaTPohmYMjzNs8jIk8AAwzAAlZ2bNP2aA6kVprDIZKSOfBGeVk

http://s7018.chomikuj.pl/File.aspx?e=NToDBKmeSZHKADXw54TF47L-fl9t4pfNV5OHsnK7BINf1Fn3jPC9nTGaHIPsxI-2A--u1CHQG8pPur_i2d7Fn3WkQ4WKcaEg0Nm4eiA9JRyQo6WlfQFqn_TnYbdqE5WJTVXLYYK_H74C_coc62HYZg&pv=2

http://zalacznik.wp.pl/0/.../setup.exe

http://s7018.chomikuj.pl/File.aspx?e=97ZzgLyJUVppMAoZTHf1cymzWluuMVFTGYGl7ZxJGHTme1ITmWP8YOt63cq7nagSSrUPWh4d6MZRL7nZHo2KpV_QO7PhSSiRvDA7aiOz9BksPVKYrXZOfhLG7IsnrthOoPfpvnBMHzmyYTbZQQbItGqMsy1Mlzpl1_Lx_uaJlEI&pv=2

Latest 30 of 51 download URLs

Scan polski vag 4.9.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.