» blend.exe.exe.dll.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)
Downloads (41)

blend.exe.exe.dll.exe

bLend

eXXtreme

The executable blend.exe.exe.dll.exe has been detected as malware by 1 anti-virus scanner. This file is typically installed with the program SkinPack DarkGlass by SkinPack. The file has been seen being downloaded from download1875.mediafire.com and multiple other hosts.

File name:

Publisher:

eXXtreme

Product:

bLend

Version:

0, 0, 0, 1

MD5:

fe08676536e18a13a377b037c5a4093a

SHA-1:

ce0c561374ed0575efcd9c70e96020246000de54

SHA-256:

070697f9a331b430b0dc9756c8ae8b75dac6dd073805d11b8f6958fc7e3d390c

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/19/2024 1:33:01 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Unnamed.Threat.11

14.3.1.16

File size:

91.7 KB (93,853 bytes)

Product version:

0, 0, 0, 1

Original file name:

bLend.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\microsoft\windows\start menu\programs\startup\blend.exe.exe.dll.exe

File PE Metadata

Compilation timestamp:

3/8/2006 6:14:52 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1536:zVyAurVLaJyfaEkSYt5aJK3AJET+q9/5XwzQu4aDAW8IzuXJcPpb4g:hxuJGJoWD2swJETLXgzX4WBzoGhr

Entry address:

0x34046

Entry point:

B8, 00, 40, 43, 00, 68, 03, A9, 40, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 66, 9C, 60, 50, 8B, D8, 03, 00, 68, 54, D2, 00, 00, 6A, 00, FF, 50, 1C, 89, 43, 08, 68, 00, 00, 40, 00, 8B, 3C, 24, 8B, 33, 66, 81, C7, 80, 07, 8D, 74, 1E, 08, 89, 3B, 53, 8B, 5E, 10, B8, 80, 08, 00, 00, 56, 6A, 02, 50, 57, 6A, 14, 6A, 0A, 56, 6A, 04, 50, 57, FF, D3, 83, EE, 08, 59, F3, A5, 59, 66, 83, C7, 58, 81, C6, EA, 00, 00, 00, F3, A5, FF, D3, 58, 8D, 90, A0, 01, 00, 00, 8B, 0A, 83, C2, 14, 8B, 5A, F0, 85... 
[+]

Entropy:

7.5607

Packer / compiler:

PEtite v2.2

Code size:

45 KB (46,086 bytes)

User Start Menu Item

Name:

bLend.exe.exe.dll.exe

The file blend.exe.exe.dll.exe has been discovered within the following program.

SkinPack DarkGlass by SkinPack

www.skinpacks.com

About 1% of users remove it

The file blend.exe.exe.dll.exe has been seen being distributed by the following 41 URLs.

http://download1875.mediafire.com/s3a4zni60qzg/.../bLend.exe

http://download1875.mediafire.com/yg1iqiaq6ojg/.../bLend.exe

http://download1875.mediafire.com/y309rjm0ekgg/.../bLend.exe

http://download1875.mediafire.com/374y5injbh2g/.../bLend.exe

http://download1875.mediafire.com/egoxuga0m6pg/.../bLend.exe

http://download1275.mediafire.com/ahf72qmqssxg/.../bLend.exe

http://download1875.mediafire.com/yygdexjqu39g/.../bLend.exe

http://download1875.mediafire.com/j87tg99rnb7g/.../bLend.exe

http://download1875.mediafire.com/diivjm8regag/.../bLend.exe

http://download1017.mediafire.com/48ew4o4au7og/.../bLend.exe

http://download1875.mediafire.com/wqffwwn3t3tg/.../bLend.exe

https://mega.nz/persistent/.../0w5jHLKa

http://download756.mediafire.com/inydm1t7fjjg/.../bLend.exe

http://download1875.mediafire.com/2eiommh9kj9g/.../bLend.exe

http://dw.uptodown.com/dwn/JNpYhWVuGnxH2yiiwoBS0x0ihWRNAsdinqTDpT8d97JXKk9FOMXF7ycH5i_35OvH4i0_UMWbdq4pb55t7ot86XSuck2Bvzb8FadHduHFJ4lqqz0FMlQPWegUJc2_H1qP/LOGEPmEPNrs2qVCWw1AIVvsaixUd-LxQsU_D6bJNLsVFIRxB-6j1aRTJ6jWGZMoWTNEc57-96ckXleagX0x_JuzSXCSxWUsVTCHCI3GnI8Xef3VVPfe_iVV-H0zLItkf/YQse-4phChtcTeQy-qQpQf4YUCatXCy6jPdJvDZB_51yS2yJA_xteNTcLxbd8poxIAiNZD6R4d4q1lTG5N2xzsdhdVY1hyoaQA_2k2A0HqVSg_R2iOtNjlWoAnf8MJ8P/.../

http://download1875.mediafire.com/ee1smhd3v1rg/.../bLend.exe

http://download1875.mediafire.com/flo9y7jcxa0g/.../bLend.exe

http://download1875.mediafire.com/raxfqu9la4bg/.../bLend.exe

http://download1875.mediafire.com/2rcyaeb41rvg/.../bLend.exe

http://download1875.mediafire.com/b9w4kdovozmg/.../bLend.exe

http://download1875.mediafire.com/69nbhf6jk4jg/.../bLend.exe

https://mega.nz/temporary/.../0w5jHLKa

http://download1875.mediafire.com/1a97bbt8hgag/.../bLend.exe

http://download1875.mediafire.com/ldv4pac67gvg/.../bLend.exe

http://download1017.mediafire.com/17p9csdmzuqg/.../bLend.exe

http://download1875.mediafire.com/34xxypd1z50g/.../bLend.exe

http://download1875.mediafire.com/wjo65459onug/.../bLend.exe

http://download1875.mediafire.com/4lar4wu8ixpg/.../bLend.exe

http://download1875.mediafire.com/h31ysba7cy3g/.../bLend.exe

http://download1875.mediafire.com/ozvafo8xzecg/.../bLend.exe

Latest 30 of 41 download URLs

Remove blend.exe.exe.dll.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.