script lamer oraculoh.exe

AutoClick KauB

Microsoft

This is a setup program which is used to install the application. The file has been seen being downloaded from download847.mediafire.com and multiple other hosts.
Publisher:
Microsoft

Product:
AutoClick KauB

Version:
1.0.0.0

MD5:
f3011d6191095a0bbba9c94312e4d5bb

SHA-1:
af2326472c4024d1b101ecffab09f31a81899b52

SHA-256:
b2e2884476688c914486336c35103da40fcc8f3365ae6c9708a4dcbd2791b2cc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 9:07:58 AM UTC  (today)

File size:
69.5 KB (71,168 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2012

Original file name:
AutoClick KauB.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pack de autoclicks (smader10)\script lamer oraculoh.exe

File PE Metadata
Compilation timestamp:
4/25/2012 6:53:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:+fZ0zljzvBVHDeYKG9IqbkWDSj0yYIvme7ABYq+Z:wmzNjBVHBKVqoWDy0yXveBw

Entry address:
0x11FFE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
64.5 KB (66,048 bytes)

The file script lamer oraculoh.exe has been seen being distributed by the following 7 URLs.

http://download847.mediafire.com/55ngo73mk14g/.../Script Lamer Oraculoh.exe

http://download612.mediafire.com/z0n6ywe2t2og/.../Script Lamer Oraculoh.exe

http://download847.mediafire.com/1utz0lg3koeg/.../Script Lamer Oraculoh.exe

http://download612.mediafire.com/czd8y5bw4b3g/.../Script Lamer Oraculoh.exe

http://download612.mediafire.com/mvkv6qvvkvsg/.../Script Lamer Oraculoh.exe

Scan script lamer oraculoh.exe - Powered by Reason Core Security