fernwartung_rb-os.exe

FastViewer

FastViewer GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from vrnetworldsoftware.fiducia.de.
Publisher:
Fastviewer.com  (signed by FastViewer GmbH)

Product:
FastViewer

Version:
3.20.0037

MD5:
de3fb0935e87e7a10ef88337d71396bd

SHA-1:
650c12f66cfa9d4d33ea612e032bf9075b4b513d

SHA-256:
f45657ea443b6e5c0fe8e4fa2eb4459e7a259ac9a30d2bbd3c1a1127fa3ef83e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 3:37:55 AM UTC  (today)

File size:
2.3 MB (2,441,312 bytes)

Product version:
3.20.0037

Copyright:
(c) FastViewer GmbH. All rights reserved.

Original file name:
FastViewer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\fernwartung_rb-os.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
8/19/2015 2:00:00 AM

Valid to:
10/12/2017 1:59:59 AM

Subject:
CN=FastViewer GmbH, OU=Webcollaboration, O=FastViewer GmbH, L=Neumarkt in der OPf., S=Bavaria, C=DE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
6D77EB5C4FE29D4DC5D8E087A94041D6

File PE Metadata
Compilation timestamp:
7/30/2015 5:17:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:CufoyR0MqkyRAR5vHQY5HYKudKgXWmzESL7XtBkQHOpx:DoyqLkPtHd4xdKGV7XtBpHO7

Entry address:
0x1000

Entry point:
B8, 80, D2, CA, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, EE, 6A, A6, 58, 30, D6, 77, 39, 06, 58, 8A, 00, F9, 0C, A0, 29, 08, 5A, 9C, 4E, EA, 03, F8, B8, 14, 00, 07, 1B, 51, 11, D1, F9, F7, 25, 5E, A2, 65, 14, 1D, 85, 3F, 12, C1, B1, 09, ED, 8D, 76, 61, DC, 72, C0, 5A, D4, 4B, B5, 71, 07, 95, CD, 56, 16, 4D, C4, AC, FA, 46, 88, 68, 2A, 24, 40, 80, 2E, 21, 30, 37, 16, B8, 3F, 0E, 31, 03, A7, 7E, E7, CB, 91, 98, F9, 2A, 63, 0F...
 
[+]

Packer / compiler:
PECompact v2

Code size:
4.6 MB (4,837,376 bytes)

The file fernwartung_rb-os.exe has been seen being distributed by the following URL.

Scan fernwartung_rb-os.exe - Powered by Reason Core Security