blwro.exe

Tibia Player

CipSoft GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from download2010.mediafire.com.
Publisher:
CipSoft GmbH

Product:
Tibia Player

Version:
8.50

MD5:
fcbbb6c20232c4c31344f6f2afdd7f86

SHA-1:
196b54024b1efb6c052b2720443cb93f53c2a6d1

SHA-256:
426eb267b3ce93f37e679e83203686168a8292061827b7b1bd08841a2c71e672

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 12:51:20 PM UTC  (today)

File size:
19.2 MB (20,153,073 bytes)

Product version:
8.50

Copyright:
Copyright (C) CipSoft GmbH 2002-2009

Trademarks:
Tibia is a registered Trademark of CipSoft GmbH.

Original file name:
Tibia.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\blwro.exe

File PE Metadata
Compilation timestamp:
6/30/2009 11:37:47 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:Vg8A/RGCQneyDi8sD+aEeJ3LAfh/eOQcleCz0Y78NDuljU:W8JC6QDLTJbA5eZclAOm

Entry address:
0x448B33

Entry point:
E8, 00, 00, 00, 00, 60, E8, 4F, 00, 00, 00, BA, 6D, 97, C8, E6, B1, E3, BA, DE, DC, D7, 4B, 0E, C9, 3E, F9, 6B, 5E, 68, 67, 7A, 15, FB, B8, 03, 25, FB, F1, 84, 37, 83, 30, E5, 1B, D4, 85, 65, E1, 9B, FD, B7, 88, 32, C2, FA, 67, E1, 75, 4C, 46, F4, 36, C3, B8, 8E, 65, 4C, 46, F4, 36, C3, B8, 8E, 65, E9, 1A, 6D, 00, 00, E9, 2E, 6D, 00, 00, E9, 29, 6D, 00, 00, E8, 6E, FB, FF, FF, 6E, 04, 01, 00, 82, 99, 00, 00, A0, 17, 57, 78, 77, 5D, D1, 76, 17, E9, 74, B6, FE, 19, 91, 8F, 87, 70, D0, 5D, A2, 8E, 69, 85, 15...
 
[+]

Packer / compiler:
MoleBox v2.0

The file blwro.exe has been seen being distributed by the following URL.

Scan blwro.exe - Powered by Reason Core Security