dc_zte_icera_unlocker.exe

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from files.dc-unlocker.com and multiple other hosts.
Publisher:
UAB Digiteka  (signed by UAB ”DIGITEKA”)

Description:
Unlock solution for ZTE modems with Icera chipset

Version:
1.0.0.26

MD5:
2ff698a368fc59b1ba7d416367e59c6f

SHA-1:
683482008d26845d63cc1e3721e5405eed49d814

SHA-256:
49d31a6a78d39f58216754f7d30aa40beb4f090ab7ed234a2c4d56188c0bc874

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 3:03:09 AM UTC  (today)

File size:
3 MB (3,117,712 bytes)

Product version:
1.00.0026

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\dc_zte_icera_unlocker.exe

Digital Signature
Authority:
StartCom Ltd.

Valid from:
1/2/2013 11:51:01 AM

Valid to:
1/3/2016 9:41:22 PM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:4V/4vacTdVxhn0EB4V+4tDc2NYeAmauWoMTMFtciUH2OuXbxHPnmq4ri31:4V/4ac3n0k+T9NhdaRgeiUWOsHPmxril

Entry address:
0x67E1EB

Entry point:
9C, C7, 04, 24, 1F, 01, 0F, 45, E8, 79, 66, 01, 00, 66, 85, F1, 9C, 09, DB, E9, 10, 0B, 01, 00, E4, 0C, 73, F7, CF, 0E, 46, A6, AD, 4E, BD, BD, 94, 5D, BD, 3B, C1, B2, 3B, 37, B1, CA, 8C, 66, 78, FF, 02, 73, C5, 2E, B5, C3, 84, 72, B1, 15, 8B, CB, F8, 27, 60, 9B, 22, D8, 2E, 1F, 55, 82, 16, 37, CD, 34, A9, 7C, 79, B5, 41, 5C, DA, 1B, 76, 7F, 67, 80, BF, 8A, 11, 5E, 71, 28, 0D, 7B, 22, 09, 4D, 34, BF, 84, 04, 9A, 7F, CA, 93, A2, 80, A3, 6B, 7B, 0D, 22, 0A, 67, 18, 10, D6, A3, 04, D9, A2, A3, CC, 56, B0, 33...
 
[+]

Code size:
1.6 MB (1,630,720 bytes)

The file dc_zte_icera_unlocker.exe has been seen being distributed by the following 4 URLs.

https://files.dc-unlocker.com/backend/r.php/.../BEB85648500940BAB2E3BA4C73247022?_=1473338249842

Scan dc_zte_icera_unlocker.exe - Powered by Reason Core Security