home

bol studio.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download1145.mediafire.com and multiple other hosts.
MD5:
1f6d30ee0e294e7907fd4c78444f3960

SHA-1:
caa84b90fc0fa6cac843c6df348fc1feb41dc1c5

SHA-256:
9799d52ab0c79ab94e41d06de44d998376170f259f98074c735d37f34334df4a

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/18/2024 2:11:52 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Drop.Agent.2083840
7.11.148.36

Bkav FE
HW32.TsCabk
1.3.0.4959

Trend Micro House Call
TROJ_GEN.F47V0422
7.2.143

File size:
2 MB (2,083,840 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\bol studio.exe

File PE Metadata
Compilation timestamp:
4/22/2014 2:50:07 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:WzsZyshNf74EPvfMqdCLTjpXDiBduKC5Svrycml+GQs:Ss5hp7ZXfMXLTjtDiBdtC593Y

Entry address:
0x3D2547

Entry point:
9C, C7, 04, 24, 4B, E2, 46, F1, 60, C7, 44, 24, 20, A8, 99, 5A, 6E, 60, E8, E3, CF, FC, FF, E8, 25, 80, FF, FF, 49, BE, D2, 93, 7F, 62, AA, 9D, D8, 94, 9B, 71, 5C, 78, 5E, 45, 54, 32, 30, 6C, 23, 79, 57, FD, B3, 28, 98, F3, 4E, BA, 2E, 47, C1, 7B, 7F, D6, DE, AF, 63, EE, 00, 1E, 4B, 62, C5, 81, D1, F6, E7, 9D, F3, 7A, 3D, B0, B0, 74, 02, 1D, BE, D5, DC, F0, 55, 69, F4, 4A, 01, 58, E9, 41, 6E, DE, F1, CF, 7B, 5F, 77, 12, 91, 54, F9, 54, 25, 8F, 38, 47, 6B, C0, 20, 76, F8, 53, 30, 04, 90, 29, 51, 82, B4, B1...
 
[+]

Code size:
196 KB (200,704 bytes)

The file bol studio.exe has been seen being distributed by the following 6 URLs.

http://download1145.mediafire.com/vf9f5v6vpvig/.../BoL Studio.exe

http://download1145.mediafire.com/f73l8ts5vcpg/.../BoL Studio.exe

http://download1139.mediafire.com/g917w9gwk8og/.../BoL Studio.exe

http://download1145.mediafire.com/mesux2z7wkgg/.../BoL Studio.exe

http://download1826.mediafire.com/axv7udwaf4ag/.../BoL Studio.exe

http://download890.mediafire.com/cudju1hl6spg/.../BoL Studio.exe

Scan bol studio.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.