» huaweihisiliconfirmwarewriter_v26.exe
Overview
Analysis
File Details
Downloads (5)

huaweihisiliconfirmwarewriter_v26.exe

DTHHSFDW

UAB Digiteka

This is a setup program which is used to install the application. The file has been seen being downloaded from files.dc-unlocker.com and multiple other hosts.

File name:

Publisher:

UAB Digiteka (signed and verified)

Product:

DTHHSFDW

Description:

Huawei HiSilicon Firmware writer

Version:

0.0.0.26

MD5:

1269e1996c0b209b7eebedb57152cbb6

SHA-1:

ced9b1d42fc15e4b81d7d431d18044c9d45b30e7

SHA-256:

71a1702978321cd78d29786d9083a5e200e2a6c360a43592b4e5dfb77c16d4cf

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/25/2024 10:30:55 AM UTC (today)

File size:

8 MB (8,413,608 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

Lithuanian (Lithuania)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\huaweihisiliconfirmwarewriter_v26.exe

Digital Signature

Signed by:

UAB Digiteka

Authority:

StartCom Ltd.

Valid from:

12/14/2015 5:44:37 AM

Valid to:

12/13/2017 9:57:38 PM

Subject:

E=manager@digiteka.lt, CN=UAB Digiteka, O=UAB Digiteka, L=Panevėžio, S=Vilniaus Apskritis, C=LT

Issuer:

CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:

14046FED01524E

File PE Metadata

Compilation timestamp:

8/25/2016 6:33:18 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:LWy7AdwdoqE4Tl4DQyl/Y3doPHod/AFALd0/:LWfzqEc4tlco/odYFALe/

Entry address:

0x12C8E24

Entry point:

EB, 08, 7E, 85, 68, 00, 00, 00, 00, 00, E9, C3, F9, FE, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.9984 (probably packed)

Code size:

3.9 MB (4,086,272 bytes)

The file huaweihisiliconfirmwarewriter_v26.exe has been seen being distributed by the following 5 URLs.

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1477611617893

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1475876198727

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1476782825330

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1476191432410

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1476228712151

Scan huaweihisiliconfirmwarewriter_v26.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.