home

handysetup_v3.exe

Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti

This is a setup program which is used to install the application. The file has been seen being downloaded from www.traidnt.net and multiple other hosts.
Publisher:
Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti  (signed and verified)

Version:
3.3.0.0

MD5:
f6410c1108a6f5b86599fa18b85f98f1

SHA-1:
8abef785e53b88aad5853ff65503af6a8e7989bf

SHA-256:
08d4f5c1fdf5a959dd0170b749e92cf08a30fabe310f0b03034dbdba605fc4a3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:20:51 PM UTC  (today)

File size:
13.4 MB (14,038,888 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\{random}\handysetup_v3.exe

Digital Signature
Signed by:
Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti

Authority:
VeriSign, Inc.

Valid from:
9/14/2012 2:00:00 AM

Valid to:
5/9/2013 1:59:59 AM

Subject:
CN="Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti", L=Istanbul, S=Istanbul, C=TR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
75224E6FFA6A13A60DAFE010B6ACF4A8

File PE Metadata
Compilation timestamp:
1/24/2013 2:25:58 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:oed/nwK54vwduOttNRaEYIjnndO6S/4gq3fdTDBKkpRc/+eaL2u0GGoi6BY9BuZ:oHhvwdmE1bdWqvxBKkfcQLTCNoz

Entry address:
0x1837F8

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, B8, E0, 95, 57, 00, E8, 1A, 72, E8, FF, 8B, 1D, 34, E9, 58, 00, 6A, 00, 68, B8, 38, 58, 00, E8, 48, AE, E8, FF, 85, C0, 0F, 97, C0, 84, C0, 74, 15, 6A, 30, 68, D8, 38, 58, 00, 68, E4, 38, 58, 00, 6A, 00, E8, AC, B0, E8, FF, EB, 74, 8B, 03, E8, 0F, 1C, FA, FF, 6A, 00, 8B, 03, 8B, 80, 78, 01, 00, 00, 50, E8, 43, B2, E8, FF, 8B, 03, 8B, 80, 78, 01, 00, 00, BA, EC, FF, FF, FF, 52, 50, E8, D7, B4, E8, FF, 8B, 13, 8B, 92, 78, 01, 00, 00, BE, EC, FF, FF, FF, 25, FF, FF, FB, FF, 0D...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 MB (1,583,616 bytes)

The file handysetup_v3.exe has been seen being distributed by the following 25 URLs.

http://www.traidnt.net/vb/safety_link.php?url=http://files.handycafe.com/.../HandySetup_v3.exe

http://handycafe-client.software.informer.com/.../

http://www.downloadcollection.com/downloadredirect.php?idx=139541

http://www.logitheque.com/.../9e3994dd.dl

http://www.lelogicielgratuit.com/.../9e3994dd.dl

http://cdn4.handycafe.com/.../HandySetup_v3.exe

http://www.soft-go.com/dl/.../75109

https://docs.google.com/uc?authuser=0&id=0BwzAZcCF3CifZGszam5FbVJmV2s&export=download

https://docs.google.com/uc?id=0BwzAZcCF3CifZGszam5FbVJmV2s&export=download

https://www.google.com/accounts/ServiceLogin?service=writely&passive=1209600&continue=https://.../uc?id=0BwzAZcCF3CifZGszam5FbVJmV2s&export=download&followup=https://.../uc?id=0BwzAZcCF3CifZGszam5FbVJmV2s&export=download&ltmpl=homepage&authuser=0

https://accounts.google.com/ServiceLogin?service=writely&passive=1209600&continue=https://.../uc?id=0BwzAZcCF3CifZGszam5FbVJmV2s&export=download&followup=https://.../uc?id=0BwzAZcCF3CifZGszam5FbVJmV2s&export=download&ltmpl=homepage&authuser=0

https://docs.google.com/uc?id=0BwzAZcCF3CifZGszam5FbVJmV2s&export=download&pli=1&auth=DQAAAI8AAAAzT-jh663LVqUMxqJwHFC07-uaiWQ0_UrrfBRgDkdpMXQXv0qPWazEJykSmixgJtCGthiC9hHb2wMfCg6-sUWWydb5GNXGifTjloUUop_SvFGOXBJv6FRPx8Ufn3LxcWrfHINrDinra7nj0lXDB3nwT1la9gScdgdQTD-3t00JOs_ti2GxYvSJ3YUUHA-cpOw&authuser=0

https://docs.google.com/uc?id=0BwzAZcCF3CifZGszam5FbVJmV2s&export=download&pli=1

https://doc-08-40-docs.googleusercontent.com/docs/securesc/ojsv551l9rqg5dceg87rl1u12ikeqik3/pn98graiokr99a18arsj4rgo097la019/1374796800000/17004170942711882920/.../0BwzAZcCF3CifZGszam5FbVJmV2s?h=16653014193614665626&e=download

https://docs.google.com/nonceSigner?nonce=ufto38pmi1j6e&continue=https://doc-08-40-docs.googleusercontent.com/docs/securesc/ojsv551l9rqg5dceg87rl1u12ikeqik3/pn98graiokr99a18arsj4rgo097la019/1374796800000/17004170942711882920/.../0BwzAZcCF3CifZGszam5FbVJmV2s?e=download&h=16653014193614665626&hash=aldlu1gcr0d6d9esll821h7kto76dhmk

https://doc-08-40-docs.googleusercontent.com/docs/securesc/ojsv551l9rqg5dceg87rl1u12ikeqik3/pn98graiokr99a18arsj4rgo097la019/1374796800000/17004170942711882920/.../0BwzAZcCF3CifZGszam5FbVJmV2s?e=download&h=16653014193614665626&nonce=ufto38pmi1j6e&user=13211802238514479844&hash=j4itueg56gfb4lg74a0kvte13m36uu07

https://docs.google.com/uc?authuser=0&id=0BwzAZcCF3CifWm1nYnN2dVgxS1E&export=download

https://www.google.com/accounts/ServiceLogin?service=writely&passive=1209600&continue=https://.../uc?authuser=0&id=0BwzAZcCF3CifWm1nYnN2dVgxS1E&export=download&followup=https://.../uc?authuser=0&id=0BwzAZcCF3CifWm1nYnN2dVgxS1E&export=download&ltmpl=homepage&authuser=0

https://accounts.google.com/ServiceLogin?service=writely&passive=1209600&continue=https://.../uc?authuser=0&id=0BwzAZcCF3CifWm1nYnN2dVgxS1E&export=download&followup=https://.../uc?authuser=0&id=0BwzAZcCF3CifWm1nYnN2dVgxS1E&export=download&ltmpl=homepage&authuser=0

https://docs.google.com/uc?authuser=0&id=0BwzAZcCF3CifWm1nYnN2dVgxS1E&export=download&pli=1&auth=DQAAAI4AAABTJMEo1Qzc80Rvj7B_TfT3HPH1MMT0ZatEUaXi2O2xPsFipn9WVuo25gaYyXnzwjDZMRV-cxBLA7IkQuNPxnCbEOMOuhh10FB6gsfe5Wx8kCOuzNlKPaQEvNzP1y25QEi-NTYKo5r7nADFHi12zfLpD2eZztfnUHkF1ekIOIq-01TLJFXOXQEn1X1QGdH5MGs

https://docs.google.com/uc?id=0BwzAZcCF3CifWm1nYnN2dVgxS1E&export=download&pli=1

https://doc-10-40-docs.googleusercontent.com/docs/securesc/ojsv551l9rqg5dceg87rl1u12ikeqik3/09e3prdm87h75iruq38j9508b85dgtrk/1375236000000/17004170942711882920/.../0BwzAZcCF3CifWm1nYnN2dVgxS1E?h=16653014193614665626&e=download

https://docs.google.com/nonceSigner?nonce=sha3h65mh4gv6&continue=https://doc-10-40-docs.googleusercontent.com/docs/securesc/ojsv551l9rqg5dceg87rl1u12ikeqik3/09e3prdm87h75iruq38j9508b85dgtrk/1375236000000/17004170942711882920/.../0BwzAZcCF3CifWm1nYnN2dVgxS1E?e=download&h=16653014193614665626&hash=2eoipomlr4mphaa13r2lcvpi3eue3esf

https://doc-10-40-docs.googleusercontent.com/docs/securesc/ojsv551l9rqg5dceg87rl1u12ikeqik3/09e3prdm87h75iruq38j9508b85dgtrk/1375236000000/17004170942711882920/.../0BwzAZcCF3CifWm1nYnN2dVgxS1E?e=download&h=16653014193614665626&nonce=sha3h65mh4gv6&user=13211802238514479844&hash=th126dfcr7meg72cangg15u943c44rq2

http://files.handycafe.com/.../HandySetup_v3.exe

Scan handysetup_v3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.