» b25ljtiwb25ljtiwb25l.exe
Overview
Analysis
File Details
Downloads (9)

b25ljtiwb25ljtiwb25l.exe

Desktop Icon Toy

iDeskSoft, Inc.

This is a setup and installation application. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

Publisher:

iDeskSoft, Inc.

Product:

Desktop Icon Toy

Description:

Desktop Icon Toy Setup

MD5:

d460cd3f5c24c70d01b4333b8917b8cd

SHA-1:

7bdda073aec2b613bd8e0803d2c7f591978b6a4a

SHA-256:

a51a54b4a0ef60ef075c0de2da65c7c2e9fa0bca09c2b4ae4b67eb5e448d869f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/25/2024 7:02:02 AM UTC (today)

File size:

775.9 KB (794,563 bytes)

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\b25ljtiwb25ljtiwb25l.exe

File PE Metadata

Compilation timestamp:

6/10/2010 4:33:52 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:j37h6c4888888888888W88888888888VjXYbA9tr3iP03YzuOMZBmYvO7m4uWjUG:z7hc5br3FYzFM3/vj9F7kid/iqql

Entry address:

0x163C4

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 54, 55, 41, 00, E8, 70, 04, FF, FF, 33, C0, 55, 68, 91, 6A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 4D, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, A6, EF, FF, FF, E8, B1, EA, FF, FF, 8D, 55, EC, 33, C0, E8, FB, 87, FF, FF, 8B, 55, EC, B8, A8, D6, 41, 00, E8, A6, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, A8, D6, 41, 00, B2, 01... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

85 KB (87,040 bytes)

The file b25ljtiwb25ljtiwb25l.exe has been seen being distributed by the following 9 URLs.

http://dw.uptodown.com/dwn/4yYDn7XyRCXkUgjtbKXhT2TO9LntPXVeaTg6KRuTwwXLiywiHi-WBuDd-F37Zn3Vz5Xz5DBlXXuegk-9Lre0LiN8m0ETxl8e6Iep6Lfe6KqBM7dz1jBeZY_9WddqJDsX/Ja0IrYyfpQT9gjiG3CcTNNyZfPYXQbh7M3FS33dEl5b2nnDbQYgXzAGQjuKQVdUsfo1S9bjRxKCgINqhmYND-h2GDtuX55xaCOl0k-eIXoF0AQfR2APWa8Niquh5OMBp/8JcMdykhas9ne5ilI56yzwoSbqddFV1p1I0mYlY5JD2qi94F5mB80Xdbo04_VL5v1-FtmjCcwVvtRHQJBDDGydwser8GmHh_LR0gaz4xV0mVNRrOLfW3ri-oF3itlh_l/.../

http://dw.uptodown.com/dwn/0BcE_FH4XmpAqhFNAtWbuPx8siGaCXRxo3vbvH4hb0IeE-vbFBFVHHmjpcj8wNgB06lwcx-sKUikP8h_6gwdKqnvAZTEm0zDqZJf9_D24rXZsWa99dAn95_aknIH4vUu/IHvK-9u-WGQ2cZfx3vHzguA_cKHFPC_CkHB8Wetkh9c_imFeA2tmnTrxnVjzeks2Q8Z5DVXiIx0KUbDOz_TLbS_9tYV4RMIV_2_FPpjnAxOa_1bveOG5oHqiDMkFNJ1Y/O1KNnxRuA8R0PMVF-Zc5n-A0n-Ioj0ZyG9cE6SuvH8TFp4E8kzQJecHCJ4HPZubQYrEL0tEtZtT1vkUX1Qxo7OFy3GiImhRux3aGYs4mGs1HseCU_cM1CyUoFz1dh0tU/.../

http://dw.uptodown.com/dwn/Ep-M0hR6FfynDeHxML42elde6zcITGzBdDYUK-WlXLfU2jM0Q4Z5Ny4-XN2mZs321aFnqQpnJvPDKV7DCLEqW19V0WHRKs0G7n0RN27IlC61of_KXDhUTzX1w-N_oKA4/vC9vO_OTLpwB2s13SXQgYWFHAgMOs6W5WVKQSc0vWS0vzjr72XQlyKIAE6KvGMNiBVkA13kzNF8ZXwTOO5PZQRk5yWROacE6w0VOAZhsDW_hoS3gNZeEuRuL39dDXDRs/-krPmPf1oFlKpnBJZ_FoQmTGWQqn4Wi6__NXSbOXdUBEv6yzeqbXV_zmjVM0IFvq8-Ubo_he4aPa3pV7o4SNZFLTabujXEuy4cPwY96o2aRKyT_3mjP-Oz5qAJs0e79e/.../

http://dw.uptodown.com/dwn/qKZhIUsapiF6Ws_hq9VW3ry_af4EVfxj__OxXusgc9GjswbV6Cr0kkxjt64_vwdVTeVR8ZeICkahmZwrtMS4FoByTsvk4Q2y659EuEUCqVX-XlgwqplB1gtLq9xENrZh/OOkMzDpxwwsJTpYOQfkWItggNmBDmWDwjfYWlVA4njwLHMiveH0hycZPcSlOLM3vnvfTNge3FCSDMfC8sROaLnTwBX1OX_Pc6BxY28rXdAGd-7lWFwiNYov4sSeqHZSN/QEz6vWHcQgV9d6JnrZD2amlLmtJ8bNXXZU7JyciSkYl_DXyvs7zXvX8vq4Ix4CepOHWEyv0pGDs5fiP1hWKUK6GoxhVFtCCL1GbMXSrMxL73bug4kRrjfQ-AKfAnu8f3/.../

http://dw.uptodown.com/dwn/7H0aW4Fd6DVDgimX4icAcuzbE1VY1eY1Gt_hbWsVs6yG6l0Yk2Kd3rvpRNjlupmlQEq6p3e58wyWiuDphtYhd3nOIofOu-RXBH9PH3kZlUB7JVFcvjQ-o6KKSV4fHtzJ/Tr-Xj0xKYbBO8RWn1WWV_yG-QLLsynr9Ur_n0JNYnr-Inp7w6cW_1n9_tqcL4PJbpNvcNVPgspbQtKYUAF4wXFh220q2lPEbyu42cNRzWdzJWl-6be81ijS4hVgmPhjp/.../

http://files.downloadnow.com/s/software/12/76/86/.../DesktopIconToy.exe

http://dw7.ar.uptodown.com/dw/1440075872/.../desktop-icon-toy-4-7-en-win.exe

http://dw.uptodown.com/dwn/WymEBrPYpZ0fV2LEt3RHdiXG-DillCkbILn1KrHvEeTstj0mzlrTfTYlCtZ_LnSPPFI0GhzvhDrtnnYdyBKcJN_nznZI7_yyS_YknnN0PYgZ8HGbXOJTDdTyiqr71ArV/8PpLbIeejbGmleN8IOsFb8l8srzP13gUR-N9jPvPeoXg12BGzNeR64PhkYJz5m-Qg4PfdFDZ29yO3U3Ob0VGLtKei8kl-w7knkqc7efVvL344R3s6xvYq5jlQQUvW3xn/.../

http://www.idesksoft.com/DesktopIconToy.exe

Scan b25ljtiwb25ljtiwb25l.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.