dcu_hwe_cdma_mdm.exe

UAB ”DIGITEKA”

This is a setup program used to install the application. The file has been seen being downloaded from www.dc-unlocker.com.
Publisher:
UAB ”DIGITEKA”  (signed and verified)

Version:
1.0.0.33

MD5:
7aa1541fd389ab6c980b1e78a80520c2

SHA-1:
084411a180594697ee1923a359786cf5b19eb89d

SHA-256:
9cd590bbaa6fd0a4f7731dcd2c18534b9844de7c196add7f0f29e164b5dc65c5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 12:26:08 PM UTC

File size:
3 MB (3,164,816 bytes)

Product version:
1.00.0033

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\dcu_hwe_cdma_mdm.exe

Digital Signature
Authority:
StartCom Ltd.

Valid from:
1/2/2013 3:21:01 PM

Valid to:
1/4/2016 1:11:22 AM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:LzBQ67tnJm7vk2AfHZ4V0viKcG7NEek8zOW/BdihFg:phJF2Afx20FkmOVhFg

Entry address:
0x6AE23A

Entry point:
60, C7, 44, 24, 1C, 00, 3E, CB, 00, E9, CE, 47, D2, FF, 86, 7E, 2C, A4, 3A, 72, EC, 78, C3, 24, 50, 6D, 53, 96, B3, A7, 3B, 57, A7, 35, 18, A7, FA, 41, F9, 3B, 4E, 01, 83, E2, CB, 79, 21, 97, F2, 4A, B8, EF, 7A, A2, DE, DC, 3F, 2C, 31, 00, 5B, E5, 60, E5, 8D, 4A, C8, 20, 0D, CF, 41, CC, BD, D0, 79, 61, B5, B1, B5, 25, 34, BD, A0, E2, FB, 9A, 53, FD, C6, F0, 88, 1A, 70, C7, 4C, B9, E4, 01, 51, 9C, 02, B4, 84, 15, 0E, 64, 0E, BA, B1, CF, 67, DA, 75, 23, 02, E2, 1B, 48, 82, 55, 00, A7, D3, 72, A5, 35, D2, 5F...
 

Entropy:
7.8623  (probably packed)

Code size:
1.6 MB (1,675,264 bytes)

The file dcu_hwe_cdma_mdm.exe has been seen being distributed by the following URL.
