» 1243515418_dames.exe
Overview
Analysis
File Details
Downloads (33)

1243515418_dames.exe

Application Dames

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Product:

Application Dames

Description:

Application MFC Dames

Version:

1, 0, 0, 1

MD5:

818ebccd01cbf1e619965e2a38449248

SHA-1:

ca1ade63a5a5a4e7b4df2fe93d31e9ed9b865b79

SHA-256:

cb44d9207f4db1091f5bdce8163a10f4ada446f5493716b643eafe6b5322c031

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 6:16:20 AM UTC (today)

File size:

1.1 MB (1,134,592 bytes)

Product version:

1, 0, 0, 1

Original file name:

Dames.EXE

File type:

Executable application (Win32 EXE)

Language:

French (France)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\1243515418_dames.exe

File PE Metadata

Compilation timestamp:

5/5/2003 4:24:01 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:8oj0fj8vSE7dTB3/Ih2POIJO3ba0oQzyWyKIoghB6m3+NwXlXBW:njxlTGu91XB

Entry address:

0x123B4

Entry point:

55, 8B, EC, 6A, FF, 68, 30, 58, 41, 00, 68, 18, 25, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, A8, 44, 41, 00, 59, 83, 0D, C8, 90, 41, 00, FF, 83, 0D, CC, 90, 41, 00, FF, FF, 15, AC, 44, 41, 00, 8B, 0D, BC, 90, 41, 00, 89, 08, FF, 15, B0, 44, 41, 00, 8B, 0D, B8, 90, 41, 00, 89, 08, A1, B4, 44, 41, 00, 8B, 00, A3, C4, 90, 41, 00, E8, 22, 01, 00, 00, 39, 1D, A0, 8F, 41, 00, 75, 0C, 68, 42, 25, 41, 00, FF, 15, B8, 44... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

76 KB (77,824 bytes)

The file 1243515418_dames.exe has been seen being distributed by the following 33 URLs.

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_fr&type=PROGRAM&Expires=1487653348&Signature=EYGc~i8cek52YynyoOKYc9cgYbdYYWbaZAazuO0dEvaxtQuIEgQdMCv0L59KoIPG3B1nLKnCAK~ZuSRhm4soRbJWGy13EZyqPx6RCKNSWUooB8QTc3M6XnZ9vGSti2vLInhki5~YDTNcB7z17VbwvH0g5KdYrKbiGsEMoT8hdJE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_fr&type=PROGRAM&Expires=1484440312&Signature=Fb9lK1f2-DNyDM850G0p-syoDqW8G-Fe04KlDQgCraNPgI-n0Rt32AGYzHTOF-J8fbtxGeDWRUxIlxZNPidc-GEkpkVXKAvw5d2Fw2ZA-21zCdmlymkML~VqnC9hvWi4N--BD9XLYEY85gnliysvoLwlbQDQ2874wZsaphzXwM4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_br&type=PROGRAM&Expires=1466947955&Signature=QeLPa25HsyJBUKNBga5iUWBgTxF-PHyQCJLNVOBIKlVTYDiuvoBh~9A5NPQerA3DbVNZ~wP6pejRpyxLKHzFzb8~QmaZ4n97n1FTbfHgf1kwSVqWXB-DOg3foH3fj5gbfZcvf5SnzePpkdiEwtLL-6bkIGMD8nyaNgt~ZEydFL0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_br&type=PROGRAM&Expires=1479119680&Signature=Dddq9IsRKSRl1vWb16q0~VMNTJchd8lE6p6HEs27ulEWosjpD~9GLseIqOhm0Nmn1MKSdl0y2GQWY~SJh~MSdZDijeEjOE~L17c0eVnfZIa0lQmzJBZOoPP7YoP1aPdwR1kUcFDeNZeZa2hFnjY6QpJtDZwF3U3DTZc-mexbwPw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_fr&type=PROGRAM&Expires=1475568681&Signature=K5a5hBOiMdxTQRPeAA~tDwOs~Zxry3MQPER7RouP8MuMOq8j4Wbn3U-1xNe2fH8tkM36Wx5wK1bF2QQTGQpbz0BuSNwsz1r1RaztsXkFwEVYP~zWqzQcrph-OyxO-czktZzMHvYsdIvHEX~gT-gWEwat-AAGncc3Ca2EKo0wKRA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_fr&type=PROGRAM&Expires=1476959074&Signature=h5V-gUKgydJBdKqANA6Em7VymBZgDrvkOo5P0hqF-dzgQym3~n~si3hxN5LJ48NI7PxdRm3UGEi~MkFg3wGzg8nhOkEmyW5wAWCoh7SQehrBEZY20EXWbRIhwOMVL6t3ZWdujgplfMhmc5CJOCEvuD6RqbDSLVItfqRQXwLGW~A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_pl&type=PROGRAM&Expires=1479862123&Signature=alMD82xcfcI3iVpm2r9ZVow~0w-oNUljtBTY-UIojGWk0cIx6rUMnqRaPq8HvEmGXhzjKdVv60m0yufhqtKAwzbPWAmIAk0Pn7CDQxyN2eWCyBE-m1ITx4Vmlr3jZKdUfQoV-ZoSMX1nkIf2RzjVxg5-vEUNqsoBElF4b-zCZ2Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://lb.cdn.m6web.fr/d/c/a/1adeb949c208feef6049bfe9cafa3cbf/57972955/soft/.../Dames_-_DO_1.1.exe

http://lb.cdn.m6web.fr/d/c/a/1fc11edea43e088158c23c895544e35e/5824bf67/soft/.../Dames_-_DO_1.1.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_es&type=PROGRAM&Expires=1470473109&Signature=UPFlKull3sNUOFUfnhywJggljJv1L9TgBQmTlFNOpLuic0nLrV3P9jtGWxw7Mwj4iJ1iEIioBiHjJHGufpGvmUpU8k0awTvXlBHLnCf7lUbkGhYkTHsQzspjbJOgCzLGjehgCCS46aGcsTsO7I72OGb71i4yzYdNIMiEGUP8NKI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://downloads.ziddu.com/downloadfiles/.../Dames.exe

http://lb.cdn.m6web.fr/d/c/a/db14c9a551f41f4453fa63987d36f265/57fa8f55/soft/.../Dames_-_DO_1.1.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_br&type=PROGRAM&Expires=1474329620&Signature=YgUUedloIAqcVEm8gVUZPQecWGJnwQDXdCZpVM8en4~50fO~hciGHcfWIFAG6W3OpZsZb~X43zR7XdI8BOUv0lexHoW5YB4C8osydssDKEa~Q6h248Gq2aPzpGEOiqZLZBXv9Q~TlCetq2GDWagqKTOSJ3qa0LC1L8gISMXpsDk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://lb.cdn.m6web.fr/d/c/a/3e09c1cf237dc4af5d5a4263a8ba7e34/57b98c43/soft/.../Dames_-_DO_1.1.exe

http://lb.cdn.m6web.fr/d/c/a/4691516e43a023e267240af0a43384f3/578eb12c/soft/.../Dames_-_DO_1.1.exe

http://lb.cdn.m6web.fr/d/c/a/5b9855988ecef511cb5efd43b03b8429/56fd7af0/soft/.../Dames_-_DO_1.1.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_fr&type=PROGRAM&Expires=1447279060&Signature=SdS06yq5Phq5121ddtgwlF670Wl3HNVT5I~wBpphMvho4U0QD1NpIt9rpoBj8yYsbKabqH0~9JZZq7pCNAqWwugowtW~VbE8zLgWc~4vP5eITKM9K6PQulMQMpWRAOivB22LU0tIkEwO6bIcWaK2aiiw0ZHHhDQLD7umC7IHYSE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://www.jetelecharge.com/.../telp.php?id=247

http://lb.cdn.m6web.fr/d/c/a/1a4267188548631f27664e69d9913cbd/576e8518/soft/.../Dames_-_DO_1.1.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_br&type=PROGRAM&Expires=1462928629&Signature=dWpeqV61GUE-6Y3v-dFJTwLuaspCcNPxvmUQjE9OAfoMEF-8C5ncuhMuCo2z~3uYvDt9ScfeH4BkQXAXdUG6gv7ZFkch7YJBt~U-rkNmWOmgwbV0ysQq3LI2J2MzcXVnUb0AyKNBYOpne2IGky51Du4JrCSeZZg0c6ngJSfkC~U_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://lb.cdn.m6web.fr/d/c/a/c35d43417a7abc4db61428060d49ec23/57431897/soft/.../Dames_-_DO_1.1.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_pl&type=PROGRAM&Expires=1462234045&Signature=Jyi-MfwEJ21Wm9SFguGwFFjFXIUmNauJ-jFlxgcTDUsP4nD-35sfWRO6dojicolY15rEzAExg9RSK8jzQC6VrebsEiTBtu6et1xHALN6Y8hzfNUo7Y0n4toQNyq68vmA~egx0rZj5KYMtX9pUM8Gv0IViVPNWK9TVEs5fBXf14Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_fr&type=PROGRAM&Expires=1454927214&Signature=ZAomo1bzovGmoHUYfIOS7az3jyCQhq3vpVEqGLZgCGaKdGtg5DyCW0bEk4dpZYgbMdYz7Do2pnsKLmqSygTNMzmxs2V9O2ESw4St20OHpSSfMchKuhuiVghpi0GhNW5ri8vzTwVwM-~Uf6Px3BNgSjLaTX~oQJ9Xhe4zBulwX50_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://www.recherchezici.com/.../Dames-do.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_fr&type=PROGRAM&Expires=1457260856&Signature=T2kOB1XSuFeZaioIrvJ~hBdoUkybQMu5amELERoZkwdPGHt6fw2eIjAJk5W4uzm62vJ2ZGP79fExE8jDQ6M~wCdxbmHmzRx6It-P9B5QqJFVxchOgRmQgIQrU7QlhNQk2tmHVBzOP9iP~kPm4stQVRAHzPcXu66i44SMGTEftpE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_br&type=PROGRAM&Expires=1453635332&Signature=Fi8FMIZz41CZSukm0pWiQ9W5LC1iEArNUtFfDlScO9U-nD30Zba4OMh78c8OVf2RA4zH7jx2lFYsOata6LoIC1d7lj88ELl5wEx7y2~U-q57A8xObKYORYEeHpfAN8flhimT-OkcRpPplBoWd7VyhIHASiXLgxgr7JnW0kQ70Jo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://gsf-cf.softonic.com/ca1/ade/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60320&instance=softonic_it&type=PROGRAM&Expires=1442097000&Signature=XHpfiRsIOl64hWxq2Tr8JPaaR0zk-Ch6fgAwkvJnr8KthF4zt6-kigJVUG0Eu0QyQFHqNqgXVzXFmcVGnEcvgrj-CucF5tgR-gcI-vsaLG13qIcF1OvtemGYUuYz9~hD7-0KjvQhj4b12HU5lEPYOxkUP1bcMqY~GjlgBCmxMEk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dames.exe

http://www.jetelecharge.com/telp.php?id=247

http://fleury.clement.free.fr/.../Dames.exe

http://www.01net.com/.../telecharger.php?id=26495

Latest 30 of 33 download URLs

Scan 1243515418_dames.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.