» little_russian_whores.exe
Overview
Analysis
File Details
Downloads (2)

little_russian_whores.exe

The executable little_russian_whores.exe has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from www.oneclickdownload.co and multiple other hosts.

File name:

MD5:

d96ef1e119d267d0ff6fe8f320276a15

SHA-1:

58be0916023d39da50793827509cdf16bba66463

SHA-256:

f0da3f59b80e7046719379c79b8d7fdbfda458d352a5e534dfb20b7daa38790e

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/25/2024 1:55:29 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

(M)

16.6.18.0

File size:

30 Bytes

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\little_russian_whores.exe

File PE Metadata

Compilation timestamp:

11/14/2022 12:05:51 PM

OS bitness:

Win32

Linker version:

110.101

CTPH (ssdeep):

3:SXKPFCXr0Bv:SuF24v

Entry address:

0x4624E0

Entropy:

3.8566

Code size:

2.6 KB (2,660 bytes)

The file little_russian_whores.exe has been seen being distributed by the following 2 URLs.

http://www.oneclickdownload.co/download/product_download.php?pub=tfunk&fileName=http://www.torrentfunk.com/.../157960.torrent&name=yu gi oh games pc

http://www.oneclickdownload.co/.../product_download.php?pub=bits2&fileName=magnet:?xt=urn:btih:d140dbd4e5bee575a36689b7186f9eee850bfa04&name=Rhino 3D 4.0 SR5 Ultimate&sp=1

Remove little_russian_whores.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.