huaweihisiliconfirmwarewriter_v24.exe

DTHHSFDW

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from files.dc-unlocker.com and multiple other hosts.
Publisher:
UAB Digiteka  (signed by UAB ”DIGITEKA”)

Product:
DTHHSFDW

Description:
Huawei HiSilicon Firmware writer

Version:
0.0.0.24

MD5:
74dfd327075d51d4ed8ef3d72dcb00ee

SHA-1:
f8013adc9667d26e4e127a7f67c2bc127ccb40c6

SHA-256:
3fb9f73995a8cf88cf9805ba8f866f4ded734fbb853c101329cf32f539ac0f27

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 3:05:51 AM UTC  (today)

File size:
10 MB (10,436,752 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Digital Signature
Authority:
StartCom Ltd.

Valid from:
1/2/2013 12:51:01 PM

Valid to:
1/3/2016 10:41:22 PM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
5/4/2015 12:33:05 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:a3xvqf8MndEBNLBNuhVhPfWm7jkpcqcTeP3Wni218Url5Zt/7ByPSD:a3Mf8Md4W3ybQOl29rz7BMSD

Entry address:
0x1578C5A

Entry point:
68, 10, AB, 85, 48, 60, C7, 44, 24, 20, 07, 8D, 20, AF, E9, D1, F0, FF, FF, F5, 48, 34, D1, 53, 44, 9B, 30, AC, 42, 70, 45, 9F, D8, 98, D4, 02, 18, 1D, 17, 6A, BA, C8, D8, AA, 63, 9B, 97, 58, 13, CA, 5E, 0D, 86, FA, C6, 79, 81, 37, F9, 7C, 01, DC, 56, C1, FB, 4D, CF, 62, 3C, 6B, EC, B6, 32, 06, 12, E8, 29, EF, 32, 1F, F4, D9, 63, BE, 3A, 73, 48, E2, 07, 81, 3D, 84, 35, C7, D7, EB, 59, 9A, E2, B1, ED, 77, 88, 30, EB, DA, D5, 14, 65, C5, DA, 60, B3, 22, 88, EF, BD, C0, 01, 8A, 93, 08, F2, 7E, F9, BF, C2, 08...
 
[+]

Entropy:
7.8668  (probably packed)

Code size:
3.7 MB (3,902,976 bytes)

The file huaweihisiliconfirmwarewriter_v24.exe has been seen being distributed by the following 17 URLs.

https://files.dc-unlocker.com/backend/r.php/.../C6235D6237524FD6B988B90715E137CA?_=1473159541877

https://files.dc-unlocker.com/backend/r.php/.../C6235D6237524FD6B988B90715E137CA?_=1454999229818

https://mega.nz/temporary/.../6Rtkwa4L

https://routerunlock.com/?wpfb_dl=1243

https://files.dc-unlocker.com/backend/r.php/.../C6235D6237524FD6B988B90715E137CA

https://files.dc-unlocker.com/backend/r.php/.../C6235D6237524FD6B988B90715E137CA?_=1462538152668

https://files.dc-unlocker.com/backend/r.php/.../C6235D6237524FD6B988B90715E137CA?_=1472333409840

Scan huaweihisiliconfirmwarewriter_v24.exe - Powered by Reason Core Security