huaweihisiliconfirmwarewriter_v26.exe

DTHHSFDW

UAB Digiteka

This is a setup program which is used to install the application. The file has been seen being downloaded from files.dc-unlocker.com and multiple other hosts.
Publisher:
UAB Digiteka  (signed and verified)

Product:
DTHHSFDW

Description:
Huawei HiSilicon Firmware writer

Version:
0.0.0.26

MD5:
1269e1996c0b209b7eebedb57152cbb6

SHA-1:
ced9b1d42fc15e4b81d7d431d18044c9d45b30e7

SHA-256:
71a1702978321cd78d29786d9083a5e200e2a6c360a43592b4e5dfb77c16d4cf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 6:23:41 PM UTC  (today)

File size:
8 MB (8,413,608 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\huaweihisiliconfirmwarewriter_v26.exe

Digital Signature
Signed by:

Authority:
StartCom Ltd.

Valid from:
12/14/2015 5:44:37 AM

Valid to:
12/13/2017 9:57:38 PM

Subject:
E=manager@digiteka.lt, CN=UAB Digiteka, O=UAB Digiteka, L=Panevėžio, S=Vilniaus Apskritis, C=LT

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
14046FED01524E

File PE Metadata
Compilation timestamp:
8/25/2016 6:33:18 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:LWy7AdwdoqE4Tl4DQyl/Y3doPHod/AFALd0/:LWfzqEc4tlco/odYFALe/

Entry address:
0x12C8E24

Entry point:
EB, 08, 7E, 85, 68, 00, 00, 00, 00, 00, E9, C3, F9, FE, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9984  (probably packed)

Code size:
3.9 MB (4,086,272 bytes)

The file huaweihisiliconfirmwarewriter_v26.exe has been seen being distributed by the following 5 URLs.

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1477611617893

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1475876198727

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1476782825330

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1476191432410

https://files.dc-unlocker.com/backend/r.php/.../D5E5FA86DE984D548FA0415FEFA4F638?_=1476228712151

Scan huaweihisiliconfirmwarewriter_v26.exe - Powered by Reason Core Security