home

warlock.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s6127.chomikuj.pl.
MD5:
404e063a268bb46b6e0719020cd1e832

SHA-1:
67ad7d049546296df5ec32271d747cf8f407670d

SHA-256:
3f62b7b5960ea20258f6afedcba95975d5f48809bf50c7fca5e4b07c4e38d4e8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 9:22:54 PM UTC  (today)

File size:
5.4 MB (5,643,776 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\alawar.pl\warlock the curse of the shaman\warlock.exe

File PE Metadata
Compilation timestamp:
12/1/2014 5:54:45 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:/vDHPUS1VgWdRQp8SKWWSdpzG5VKSOWud4ZZi8KiviuIa+w6zt2ElNF+po:nDHPUMDSK47SVKSOWud4ZZi/iX+w6ztd

Entry address:
0x37C4CD

Entry point:
E8, 6B, 1E, 01, 00, E9, 78, FE, FF, FF, 33, C0, F6, C3, 10, 74, 01, 40, F6, C3, 08, 74, 03, 83, C8, 04, F6, C3, 04, 74, 03, 83, C8, 08, F6, C3, 02, 74, 03, 83, C8, 10, F6, C3, 01, 74, 03, 83, C8, 20, F7, C3, 00, 00, 08, 00, 74, 03, 83, C8, 02, 8B, CB, BA, 00, 03, 00, 00, 23, CA, 56, BE, 00, 02, 00, 00, 74, 23, 81, F9, 00, 01, 00, 00, 74, 16, 3B, CE, 74, 0B, 3B, CA, 75, 13, 0D, 00, 0C, 00, 00, EB, 0C, 0D, 00, 08, 00, 00, EB, 05, 0D, 00, 04, 00, 00, 8B, CB, 81, E1, 00, 00, 03, 00, 74, 0C, 81, F9, 00, 00, 01...
 
[+]

Code size:
3.8 MB (4,012,032 bytes)

The file warlock.exe has been seen being distributed by the following URL.

http://s6127.chomikuj.pl/File.aspx?e=g5EW9FxEnPeFGHDk12vRZ--itOLUyaEadUCyZI4Ubfxt9IlmgSnzGtL8AO5yzbtLAdHcCpX5Ie264XKPFvUxEaFEpGFNuuCf-xmE1HEiAJDjUqUsFktVvP7B9KE1YsaEm4-fyGZBd95sVeG-uQOwGA&pv=2

Scan warlock.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.