home

caidatfont.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-08-10-docs.googleusercontent.com.
MD5:
4668d82957bcffaedc24e29c0665187d

SHA-1:
32eeaa0c358a8e73eb4c5c59ebdb22a51804a4b9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 10:38:38 PM UTC  (today)

File size:
7.2 MB (7,523,193 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\caidatfont.exe

File PE Metadata
Compilation timestamp:
6/10/1999 4:57:29 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:GysAAsBbYsL9Xxx3OnW7Ynoz7mXqje/JCPowZMEBqprXg:G7AbBrx3QWMnozyXqjsaowLorXg

Entry address:
0x71A0

Entry point:
0F, C8, 81, CF, 28, 7E, 75, 00, C7, C3, 24, 56, 4C, 12, 3D, CA, 5D, FA, FD, 08, C7, F6, D1, E8, CE, 00, 00, 00, F6, D6, 8D, 3D, 12, B0, 35, 8C, C7, C7, 9D, D3, 61, BE, 1C, A8, 0F, AF, F7, B4, 0A, 80, D8, F8, 85, D2, 78, 02, 85, D8, 8D, 05, 04, E5, F5, FF, BE, 4A, FF, AE, 92, 05, 3F, 32, 0A, 00, 0F, B7, F8, 8D, 3D, 75, 67, 4B, D1, 85, D9, F7, DF, 68, 7C, 02, 00, 00, 8B, F2, 5E, 4F, 81, F6, C9, 09, 00, 00, 77, 09, 69, FF, 7E, 39, B3, 66, 0F, B7, FA, 0F, CF, BF, 81, B1, FF, FF, 81, F7, F5, 4C, 00, 00, 81, C7...
 
[+]

Entropy:
7.9940  (probably packed)

Code size:
48 KB (49,152 bytes)

The file caidatfont.exe has been seen being distributed by the following URL.

https://doc-08-10-docs.googleusercontent.com/docs/securesc/gu2ecf04g86r236e001orcet3t6qbl7o/8ed0bivmcd09mj11hfvd15u8338b237f/1440655200000/.../10731019738293459489/0B5nC3N1A6I1FM2Y4LTVsRXBJTDQ?e=download

Scan caidatfont.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.