» warblade_12y6_full_poland.exe
Overview
Analysis
File Details
Downloads (23)

warblade_12y6_full_poland.exe

Edgar M Vigdal, EMV Software

The executable warblade_12y6_full_poland.exe, “Warblade v1.2Y.6 Setup ” has been detected as malware by 5 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from s7032.chomikuj.pl and multiple other hosts.

File name:

Publisher:

Edgar M Vigdal, EMV Software

Description:

Warblade v1.2Y.6 Setup

MD5:

a1516e5e8140d1eefb6ef83a07450781

SHA-1:

5f803ffabae0dcce0ca86f51b51e2a03a61e6c2d

SHA-256:

34626183d3bb39e3001fbee13bed364efb5fb8d18ae88e173dc3cac42bfead07

Scanner detections:

5 / 68

Status:

Malware

Analysis date:

11/24/2024 1:05:05 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Dropper.Generic

2016.0.3227

Comodo Security

UnclassifiedMalware

12188

Dr.Web

DLOADER.Trojan

9.0.1.016

F-Secure

Trojan.Generic.7389486

11.2015-16-01_6

Kaspersky

Trojan-Dropper.Win32.Patched

14.0.0.2632

File size:

28.8 MB (30,184,469 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\warblade_12y6_full_poland.exe

File PE Metadata

Compilation timestamp:

6/19/1992 11:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

786432:4AnZp7DPy4Rq7KxcFPgx4ZQZdgVUAgiuxQOq:4AnZpXxqex4KZdygizv

Entry address:

0x9264

Entry point:

55, 8B, EC, 83, C4, B8, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, BC, 89, 45, B8, E8, 5F, 9E, FF, FF, E8, 8A, B0, FF, FF, E8, E9, D2, FF, FF, E8, 30, D3, FF, FF, E8, 07, F6, FF, FF, BE, CC, BD, 40, 00, 33, C0, 55, 68, 14, 99, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A4, 98, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, EC, FE, FF, FF, E8, 9F, F9, FF, FF, 8D, 55, F0, 33, C0, E8, 41, D6, FF, FF, 8B, 55, F0, B8, C0, BD, 40, 00, E8, 10, 9F, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, C0, BD, 40, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

34.5 KB (35,328 bytes)

The file warblade_12y6_full_poland.exe has been seen being distributed by the following 23 URLs.

http://s7032.chomikuj.pl/File.aspx?e=IMZLHkGg2UgNi0X_WyhJ7qpahbUCXhZAXhrW_JQDNNpNzmTkBpEWQSZZB_i6Zz3nUeb7OhNndcca4A4UM_8TVVkhifBc5ybS3MnHQ3Fy5qwQI6G-x1U6nahtgfvOMydTypiN6b3VvC0sfeizn8BWfulAQwJOMo6d0_0kEpGSbz4&pv=2

http://s7032.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-A0qtwdxjWgYFCpmIwVud-O9Aafj4XyIvxMF2h2CXws72igAgPj9Bx4idjbL1RDN6zrzm8TpzlPHGp_wFS4M1-VDCMpf2TgcTmpCKxo-DzGwy_ilFQHUso03guAXWVEzCc_Hgd9yF1rRmu4TTsDhZvk&pv=2

http://s7032.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-Ox0VBo1Ah1XtFyQbsCHpHEkClCwKqGoUyw6cp_NvKqPMAw8R2RxvPOLRh-zlET7D5kq4KH10dXDW21vX1CCnvPdRRBuYRnweKNhBIBSldH7WK2nU9nkV0jdrkopt-lAnBVydyz3WXCXIIuoDuosuF8&pv=2

http://s7461.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-M9oRTIuAIl8ropA96GZKUiU8epUk7lVh5uJLGVGJmz_bGiip1jA93Gpuu9wE6YVDqB-xCaU5_k_YALpF3k2BLJG2H8PsPxi5wHclhw96UyYI7TvqLE4HcEiXbtvu6kIlYuXUGu0a87z8VHRtZkUsiE&pv=2

http://s7461.chomikuj.pl/File.aspx?e=IMZLHkGg2UgNi0X_WyhJ7qpahbUCXhZAXhrW_JQDNNpWY53CwdksG9ydxffTF51tKc_IxZ9h9YLqYlOhHLzZLyy5XrBZ-WaXrOgsheEcO3on1Iv6mLzHKWGSzg0qIbNaMeoMbvGjdHkHvZCkukCDnA&pv=2

http://s7461.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-NdMxCUtg7riMkv6x0fLOW1rdMBnsdre9VecEZcaKtdJzZuUu4ZHel86QmfWQI-_hasrE-ZqgsNUcAwoBVf9wCD-T7y3JBzk8cTbVieN9rLGOet7c2roSQ3zZDuXD7ODfclJOZ8DmH3yySf2Z-IqgCI&pv=2

http://s7461.chomikuj.pl/File.aspx?e=IMZLHkGg2UgNi0X_WyhJ7lXWmIo3OKNzVQsVigR0oKLLAp2ydQ2o-gjBzyoW14DGrk1hBZpR_C_969q4woFGN-bluPUPIvboPf3tsn9YaPP4rBVDQRImsrpwV81kIKFlNDT8MF6mN6fMPZyq-tg5wjonWIyVvHuqT3U0wv7LPSs&pv=2

http://s7032.chomikuj.pl/File.aspx?e=dlrN3TORrA-1PsLX-rsC3jxb2_H_mdJx_GG8iq266RyZGQy3EewlJVKK-vbLsmx__UY-rr1qgEogj5Di0gRCjjQeh5BpmRgIPrXaUUUUawHpTBSpmI9zIvijFIvwNhXQQwejfqJ7PCTUzjVciSAI-g&pv=2

http://s7461.chomikuj.pl/File.aspx?e=IMZLHkGg2UgNi0X_WyhJ7gkwdbmmeDX50Wp4OcpW553Wuwq2pYlApS0aMnRLYtVdKwlZjNmTdqWKT2D41IxWlCDND1b15OYBqTPorOhVAdlHG6qtoejD4sdwUYJTy4NyGxdZ1O9jGPLYsbftsXr1K8aEZ4uMw6f_IBL_wsoDyK4&pv=2

http://s7032.chomikuj.pl/File.aspx?e=IMZLHkGg2UgNi0X_WyhJ7p5zqb_iIrrN1w2VygAoNH0SYDn2tG_1JVrdJaNo_olKWTPtPLsCb1qv7xH4nqdHJmlA9F6E9H0GTUcrIRtwacZlMp5AkSQizvCV75XMhrTf62qtGxOKSUPt4xluNFHC-LibIay8ur_MBJiTdZxmMqw&pv=2

http://s7032.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-E4mjybGDZRTLfy7Nqjv45MHSUjR4qOJIhjVCsq8KP5S1iRT8l4Y-z_E4ZIVXPxfZ7XVhuAY_IKLKbV4hYkf4ie8lwiQyeZ6ayk4ln7R7P82K4HnsCfn6KRuCnA7_1EAt_rm2OB0BbU703w6KXgEaPA&pv=2

http://s7461.chomikuj.pl/File.aspx?e=IMZLHkGg2UgNi0X_WyhJ7ucDsQOPUsl3amiOsK0tNkKL1MEObJLifxyJhVl0G0xbHQDg0oqJ0f8RrCSE8JT-feaIEJic4OUV1SkYgsdP61Xhuxd_vl5oyaoYi--zxV2Pm7q1LuqIwjghrKOQHtLgf4NTYY5M4xtckeGRLjJ0-9c&pv=2

http://s7032.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-DPRZA14xadMVT1CgXCtI03JlbjpZtwlnwDdyNpbGazC8p1nC-jVR9P4fHh633VUqzT--0GwtKsVVxH2WkS7wlkIWET7IBFl4dblOyzv56roAuyCeRjV-GSnGohAQx6ifw05aYIJFKTPgy3iE1QCiKA&pv=2

http://s7032.chomikuj.pl/File.aspx?e=dlrN3TORrA-1PsLX-rsC3t96mjj485cMdd4GikZeJ7R3hnWaevqUvoDVAv4tW6deVLL7K5z5_bpF97Q8XNkZCXV2DDrpCrD5kQkW4zrRNLQqfuv2B6YmoJFVZnvDBaJFekk8iilhx3KmW1oVTg9NnQ&pv=2

http://s7461.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-LfKYdLOS3ALci_KrnozfjACaWkEff_y-C8tbMyhSVnkABHKQD-tVZvRD-nX5GXPxgKwdcGcgxqExSN8JSEWug3YF9NBc_orHLMTy_wMXyHUlY4W5sfjOPcABCdLGAhj2ASU1ZKNJoRQ1RN-EP96Hg4&pv=2

http://s7461.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-Ox0VBo1Ah1XtFyQbsCHpHEw-mjWsvNzcomFad5p6sg-N7kpFAqNcC3CV9LUViPtFtWFjsPr6sv2WHqA0uqV2sTcM9STOOHxa11RkDvuOxTfWoqjhoFyJQQv6Y7XNqUFVM8opeX898HVRj1id2YMVEs&pv=2

http://s7461.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-EyWmsxVYWk_z8Wu0df5x2vMEnBGk2GEyePvg8gAPjNO1486fzSVXQ7GmEhRZvPj2m3BFTr_DFg3-KlDeBV4jSyJ5lhrMtgXzDP9juEvrarjFm16pJjtxq5YVSQdBq9TiZD_CsB4qeHOgcrHSalS9aw&pv=2

http://s7032.chomikuj.pl/File.aspx?e=IMZLHkGg2UgNi0X_WyhJ7kGjwnB-51f-WRkYITeXjsNpH9qywENMpzVUdOMp3rnytuCm2tyhUotRzWAB3q7y88LGXKwb7IsC9uRmNypkO3nvcRqD9lL3_QnsVqIf2uqQnmwhTPXgTPxuc1Ld53JCcA&pv=2

http://s7461.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-J1AAiKB1GtLnqdcltEbfIfVMNdszyNmnPUtrknHCf0el7AKqtcciAxMB_-g-T2jrSLE7PKNOesx7ntvd3A3gwx3dox4LH65_hUwnxB_-ieYGRrrbH-SG4AlvOed5yEi2Of9Ju1rRxK2uG8OzB-s2dw&pv=2

http://s7032.chomikuj.pl/File.aspx?e=dlrN3TORrA-1PsLX-rsC3tND4M9eg8OZ5fUMC63-08zyGPCSyufaMUv9QDw7m8FzYc-NCOSfKpFgmBjbGvLm9GYjwN5sFFvhLNu8qb3Dv4ilnn-2ACmWa5CTDqyoaUvXw4pRHXfSWU3KT5u6cZdSjL8Fo1LikmvZp_bs6cRh-1g&pv=2

http://s7032.chomikuj.pl/File.aspx?e=ZDggvpumKAPFvwYQDKNI-KLtRc0_X2cnFb1gbSAHyTOkwSU9e9z03Jv9NCkfuuQESS31KP4NKlTmvKvkZB38wiNYNwEiuhkkvKWsxky-Klmy1z6zNWBKDSp8s44J_nDxlTJFvZ5jsJYc6DiVOrsC0gPoBzj0cZUvWv8z0jqU9DA&pv=2

http://s7032.chomikuj.pl/File.aspx?e=dlrN3TORrA-1PsLX-rsC3pnMAhS6ymi2LHaVmwimvyGyZlo9cllnuhmZ8ZFovdNKgY4ZDfyu6P1Go2hwM5woMi1gB9rGWD5AXXLvo-N-fUSl4PTo6awlke9YdgBABlTR9nlsUIoMPgn79EWFjPg5in7X5vVDJnfMT_ykkf1JCp0&pv=2

http://s7032.chomikuj.pl/File.aspx?e=IMZLHkGg2UgNi0X_WyhJ7swqzaNb714OeLAo2L5ejUNJHSD4lWLvt6h6fdib1pKP-wOmK3WCHFjEBhhJUIrPD7ShfJ1rCI4BYG6l7J6QAV1DS3CQRr3wjjWykQ4jlW4WLXde2SAKFufG-dH5bLl29g&pv=2

Remove warblade_12y6_full_poland.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.