mp3skype49recordersetup.exe

Domit LTD

This is a setup and installation application. The file has been seen being downloaded from voipcallrecording.com and multiple other hosts.
Publisher:
Domit LTD  (signed and verified)

MD5:
572231fe12c943dc6a0fdfbab3f7dea7

SHA-1:
b7a22d847d67d302371530078c18ee3a34b1cf71

SHA-256:
db48f7654391dd2e97b764c39f2907827d4940e05579094291fd5be513c6f643

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 5:30:20 AM UTC  (today)

File size:
5.5 MB (5,795,840 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\mp3skype49recordersetup.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/11/2014 3:00:00 AM

Valid to:
4/12/2015 2:59:59 AM

Subject:
CN=Domit LTD, O=Domit LTD, STREET=49 Ash Grove, L=Enfield, S=Middlesex, PostalCode=EN1 2LB, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F35D7F704238BFBEDD0533CFDF184359

File PE Metadata
OS version:
0.65534

OS bitness:
Win64

Linker version:
254.255

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:mgTkn2PdIR//QviruGJ5pCS9jDUwg5nmVJPK8qsuLj+DyOtu36q3XfGv:mgTk2PdiXUiauj5DUvszK8qscjtZnfG

Entry address:
0x20000

Entry point:
D0, CF, 11, E0, A1, B1, 1A, E1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 3E, 00, 04, 00, FE, FF, 0C, 00, 06, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 10, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00, FE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF...
 
[+]

Code size:
384 KB (393,228 bytes)

The file mp3skype49recordersetup.exe has been seen being distributed by the following 2 URLs.

Scan mp3skype49recordersetup.exe - Powered by Reason Core Security