dc_zte_icera_unlocker.exe

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from 192.168.43.1 and multiple other hosts.

Publisher:
UAB Digiteka  (signed by UAB ”DIGITEKA”)

Description:
Unlock solution for ZTE modems with Icera chipset

Version:
1.0.0.25

MD5:
2aa184234632fa3d257fae61786b1182

SHA-1:
8e63a5bfc74c26a9567c443720cccd2c3d79a502

SHA-256:
4056732b1af7004e6eb12b32ab630dfa3a39b40c3ab558a539c053d8671ae61e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 12:23:15 PM UTC

File size:
3 MB (3,133,584 bytes)

Product version:
1.00.0025

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\dc_zte_icera_unlocker.exe

Digital Signature
Authority:
StartCom Ltd.

Valid from:
1/2/2013 9:51:01 AM

Valid to:
1/3/2016 7:41:22 PM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:j27M9HqU7MzqwBwfaSJR3TE0adWN2R7lzfxNpHBVCbaCW9mhsn4SkA72lVIHyfoa:jsM9H68PJ2llz5HBVCbXWwhEk4QVI7gP

Entry address:
0x697EB6

Entry point:
50, C7, 04, 24, 2A, 01, 4A, 54, E9, 5C, B3, DF, FF, E9, B4, 96, FF, FF, A9, 52, 64, F8, 53, 00, 46, 3F, 12, E7, 1A, 5E, A8, CC, 26, 48, 8C, E3, 37, C6, 90, 3F, B1, 4B, 06, ED, F6, 81, 80, F0, EE, 87, 70, 02, AB, 4E, BC, CB, C7, A8, 43, 24, 42, 34, 09, F5, 0E, 40, 0B, 8E, 36, 36, 77, 6B, 90, F3, 6E, A9, 3B, 3A, BD, B5, CF, A4, FA, D6, B4, 31, EB, FB, 02, A1, 99, 35, B9, 2F, 40, 54, B6, 7C, 3E, 38, F5, 1D, 96, F5, C2, F8, 14, 62, 5F, 9A, 70, A9, 7F, 39, 65, 44, 3D, B8, CF, 2E, 5F, 52, 6A, DE, 29, E0, 50, 68...
 

Code size:
1.6 MB (1,630,208 bytes)

The file dc_zte_icera_unlocker.exe has been seen being distributed by the following 3 URLs.

http://192.168.43.1:2999/.../dc_ZTE_Icera_unlocker.exe
