» horny_blondes.exe
Overview
Analysis
File Details
Downloads (8)

horny_blondes.exe

Flash Player

This is a setup and installation application. The file has been seen being downloaded from storage.googleapis.com and multiple other hosts.

File name:

horny_blondes.exe

Publisher:

Flash Player

Product:

Flash Player

Description:

Flash Player Update Setup

Version:

1.0.0.0

MD5:

4ce1d501e188db1214a3584476681fff

SHA-1:

9e2d07b25a736387b95e84bbc63e75461e586a8e

SHA-256:

2497bc82692e2e444f389697f196c852cad0e4111fc52aa04bc51f568eebce82

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 5:57:47 AM UTC (today)

File size:

436.5 KB (446,976 bytes)

Product version:

1.0.0.0

Trademarks:

Flash Player

Original file name:

Flash_Player.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\horny_blondes.exe

File PE Metadata

Compilation timestamp:

9/21/2014 11:56:13 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:/dDPefZMq3reSCpttNN6y48vasl+fHcR0:1PeRMIrnI3L6otl+f8R0

Entry address:

0x54C4E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.6639

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

331.5 KB (339,456 bytes)

The file horny_blondes.exe has been seen being distributed by the following 8 URLs.

http://storage.googleapis.com/.../horny_blondes.exe

https://doc-0c-84-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/slq9ua5bo4cfsik23p0lthln34go9j1b/1411387200000/08801131629958551737/.../0BzOAQYG5l_UiNFlkaS1kbDAyWXM?h=16653014193614665626&e=download

http://storage.googleapis.com/.../horny_blondes.exe

Scan horny_blondes.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.