home

cert1.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.fazenda.sp.gov.br.
MD5:
1851bff976a79805383d42eb6aa86cb9

SHA-1:
52cb2adde1376a59cda5d1910d04e6ecc00249f8

SHA-256:
b6bb10296c7f32f6b378e911f0dc452caa2d935f42b1fbfa391ae836f70fc049

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/26/2025 9:47:41 AM UTC  (today)

File size:
21.5 KB (22,051 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\cert1.exe

File PE Metadata
OS version:
270.16544

OS bitness:
Win16

Subsystem:
Native (none required)

Linker version:
3.0

CTPH (ssdeep):
384:dEWDtwGWK4xLmfHWK6FUODC2DryuBCf8KnPrd8ZBqyz68v6WbokVnA+vrIPE7ULt:dEW/WKYLmwFUCC2DWMCVPrd8z68iWboV

Entry address:
0xA4009C

Entry point:
4D, 5A, 01, 01, 01, 00, 01, 00, 05, 00, 00, 00, FF, FF, 00, 00, 14, 00, 00, 00, 00, 00, 0A, 00, 40, 00, 00, 00, 01, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 10, 01, 00, 00, 04, 00, 0A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 54, 68, 69, 73, 20, 69, 73, 20, 61, 20, 57, 69, 6E, 64, 6F, 77...
 
[+]

Code size:
256 KB (262,147 bytes)

The file cert1.exe has been seen being distributed by the following URL.

http://www.fazenda.sp.gov.br/download/.../cert1.exe

Scan cert1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.