home

dtzteicerafdwriter_v10.exe

DTZICFDW

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from files.dc-unlocker.com and multiple other hosts.
Publisher:
UAB Digiteka  (signed by UAB ”DIGITEKA”)

Product:
DTZICFDW

Description:
ZTE ICERA writer

Version:
0.0.0.10

MD5:
f04b381372f82ce6288018790fc810b7

SHA-1:
25f090e21300e6f953bf9ec8a25d8a38831aec6d

SHA-256:
0382c41093e8a426c2976c19251ea7c743f664c760bace9e29deeb6465404a9e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 4:22:24 PM UTC  (today)

File size:
6 MB (6,318,736 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\programs\dtzteicerafdwriter_v10.exe

Digital Signature
Signed by:
UAB ”DIGITEKA”

Authority:
StartCom Ltd.

Valid from:
1/2/2013 10:51:01 AM

Valid to:
1/3/2016 8:41:22 PM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
7/2/2014 10:44:00 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:wZMPBwS7sL9hp8lb429VcXWKnsXNL+eg0jb8pXOZTkSugO/NA2MBwmg+8A/at57F:+1S74pUb5RKnsXVJMxAaAtQ+L/U5ghE

Entry address:
0xD92F65

Entry point:
E9, C5, DE, E9, FF, 9C, C3, BD, F1, 5F, CD, 41, 26, 3E, 4C, 13, 64, EB, 34, 9A, 20, 4A, F4, 8E, A0, BA, 02, 88, 02, F8, 76, 2C, 20, 42, CA, 6A, D3, C3, 28, F4, 09, 29, 92, 92, 83, 19, 0F, 52, D0, CA, 59, F1, 78, A8, 40, 27, 22, 3C, A1, F0, 2C, 0C, 78, 2C, 92, 28, 1C, 38, 58, BE, 91, 60, 38, E4, E2, 68, 22, E4, 20, 9C, 94, 9B, BB, D1, A2, ED, C2, DA, A0, 3E, C5, E9, C7, D9, E1, EE, F2, D5, EF, ED, 85, AE, 62, E9, FB, C5, 78, 1E, D5, CD, B3, E8, 44, 66, 08, 26, B8, AE, 90, 38, 46, 73, E0, BA, F2, 71, 16, 14...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
3.3 MB (3,425,280 bytes)

The file dtzteicerafdwriter_v10.exe has been seen being distributed by the following 2 URLs.

https://files.dc-unlocker.com/backend/r.php/.../53b3ea1464451

https://files.dc-unlocker.com/backend/r.php/.../E63876A02D8C4D8DA616754A5102B0CB

Scan dtzteicerafdwriter_v10.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.