dcu_hwe_cdma_mdm.exe

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from www.dc-unlocker.com.
Publisher:
UAB ”DIGITEKA”  (signed and verified)

Version:
1.0.0.33

MD5:
7aa1541fd389ab6c980b1e78a80520c2

SHA-1:
084411a180594697ee1923a359786cf5b19eb89d

SHA-256:
9cd590bbaa6fd0a4f7731dcd2c18534b9844de7c196add7f0f29e164b5dc65c5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 11:24:31 PM UTC  (a few moments ago)

File size:
3 MB (3,164,816 bytes)

Product version:
1.00.0033

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\dcu_hwe_cdma_mdm.exe

Digital Signature
Authority:
StartCom Ltd.

Valid from:
1/2/2013 3:21:01 PM

Valid to:
1/4/2016 1:11:22 AM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:LzBQ67tnJm7vk2AfHZ4V0viKcG7NEek8zOW/BdihFg:phJF2Afx20FkmOVhFg

Entry address:
0x6AE23A

Entry point:
60, C7, 44, 24, 1C, 00, 3E, CB, 00, E9, CE, 47, D2, FF, 86, 7E, 2C, A4, 3A, 72, EC, 78, C3, 24, 50, 6D, 53, 96, B3, A7, 3B, 57, A7, 35, 18, A7, FA, 41, F9, 3B, 4E, 01, 83, E2, CB, 79, 21, 97, F2, 4A, B8, EF, 7A, A2, DE, DC, 3F, 2C, 31, 00, 5B, E5, 60, E5, 8D, 4A, C8, 20, 0D, CF, 41, CC, BD, D0, 79, 61, B5, B1, B5, 25, 34, BD, A0, E2, FB, 9A, 53, FD, C6, F0, 88, 1A, 70, C7, 4C, B9, E4, 01, 51, 9C, 02, B4, 84, 15, 0E, 64, 0E, BA, B1, CF, 67, DA, 75, 23, 02, E2, 1B, 48, 82, 55, 00, A7, D3, 72, A5, 35, D2, 5F...
 
[+]

Entropy:
7.8623  (probably packed)

Code size:
1.6 MB (1,675,264 bytes)

The file dcu_hwe_cdma_mdm.exe has been seen being distributed by the following URL.

Scan dcu_hwe_cdma_mdm.exe - Powered by Reason Core Security