ateraquickconnect_customized.exe

AlphaControlOneTimeRemoteConnection

Atera Networks LTD.

Publisher:
Atera Networks LTD  (signed by Atera Networks LTD.)

Product:
AlphaControlOneTimeRemoteConnection

Version:
3.0.0.4

MD5:
fef90826d7dece5507ef74beca349f3a

SHA-1:
9fac0690d0bd7d3bfc7175416740c527442d2dd4

SHA-256:
4d2e94600bcea66dbce58ecbffa8a0fa822b60cf7f99adf2b519636956b6f769

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 3:58:04 AM UTC  (today)

File size:
1.1 MB (1,170,104 bytes)

Product version:
3.0.0.4

Copyright:
Copyright © 2015

Original file name:
AlphaControlOneTimeRemoteConnection.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ateraquickconnect_customized.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
2/2/2015 2:00:00 AM

Valid to:
2/3/2016 1:59:59 AM

Subject:
CN=Atera Networks LTD., O=Atera Networks LTD., L=Tel Aviv-Jaffa, S=Israel, C=IL

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
5F11C47D3F8C468E5D38279DE98078CE

File PE Metadata
Compilation timestamp:
11/22/2015 7:30:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:/bKDPqr8auazVy+TDnCFd3JzYy0sIMY+j7Bl:/bQPWu4RCbJDll

Entry address:
0x11413E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.3222

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.1 MB (1,122,816 bytes)

The file ateraquickconnect_customized.exe has been seen being distributed by the following URL.

Scan ateraquickconnect_customized.exe - Powered by Reason Core Security