» obd auto doctor 3.1.2.exe
Overview
Analysis
File Details
Downloads (3)

obd auto doctor 3.1.2.exe

Curo

Creosys Ltd

This is a setup and installation application. The file has been seen being downloaded from www.bytesendclear.com and multiple other hosts.

File name:

Publisher:

Creosys Ltd (signed and verified)

Product:

Curo

Description:

Curo Setup

MD5:

385056bfa9a7051fda67b25ffbceae23

SHA-1:

a0293cf2f3c59bcb204d3245905472cd2ddcf73e

SHA-256:

38d5d35a855c9139f2107335acf719cf0ab1c86fe5e41de1e4716427b9ce4b08

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/15/2024 6:46:18 AM UTC (today)

File size:

1.3 MB (1,393,576 bytes)

Product version:

4.5

Installer

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\obd auto doctor 3.1.2.exe

Digital Signature

Signed by:

Creosys Ltd

Authority:

COMODO CA Limited

Valid from:

9/11/2015 2:00:00 AM

Valid to:

9/11/2017 1:59:59 AM

Subject:

CN=Creosys Ltd, O=Creosys Ltd, STREET=Varpenrinne 8, L=Vesilahti, S=Pirkanmaa, PostalCode=37470, C=FI

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

41BE554B90A4CFB2DC73CD61209D58EC

File PE Metadata

Compilation timestamp:

12/28/2015 1:39:51 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:n+zlFSOs8oisjKRBzsG0+PkasAQD6U1gN3nX6fdN:klFLs8oi2QBr0qkP7gVngn

Entry address:

0x113BC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

63.5 KB (65,024 bytes)

The file obd auto doctor 3.1.2.exe has been seen being distributed by the following 3 URLs.

http://www.bytesendclear.com/GVry5cnZqJX7EK2EMJv 4U41bYtuue79N9Pb02ERyhaR9AjqVzwwjZlf222nRP X75q6HKTJUPxCeLC9HV3MF2xxISjg_FImeZGVoZmV8KmwqkPrVX8C75tVhYzQUkF5PF8A0Ema5bsJXE9wa2CuSbHH3ctfamZNEmgZLVJzWo1gbif0 y2fYmFLGjEF2ZrDHWVSGVodZux8ZreCZfKitEipcnemuAaf7hAsC4aCkqP5hK78nlQHUYWVgA16jQNKSfQdls1s9SNLGArXtEib7LmOt5tdUhLVAG9_U2Gc7Aq8JbbhpQXZaJvRJbJP0L9OgbgrNFVpL5RLbmNHb7JrzyeVhdQt1vJozUzIMDGV_EDfNGwWDM48lijbB4ywvZkVmVUv0J IhpPmudTthgaiYOuVXTndEVDF1h5VCKHE8vcgyeLjzSQ3 4qFBoRuNWuaqAAKotgNoap_IAIzaqHzTkHgNRAWdS9AUdY5YDlgUWAKTEyfIHLAzcS8gNRzpI2bOuLD7by9TH97PcFI9wTW2JHGCkmXXuiAK7A7mh7KWko1qp2fwguq_ObmKF_oKqjo97zNKRIUa2oI1hX4A2yFAN4pZkJQ8GXUUrDzZFil3lhkkWCmSeo=-GzcAAERPFtO_IQYbV6lgAw4celto0AFs2ICjwLKHba_xtpZX kSoYEL1StABN4NGh3F AA==-E

http://www.bytesendclear.com/4zxQqAJnNlj9NCQUJoH4bMrNgkwophbia2TQqmaMI1KPv_GgNpcvvdwRoTPgmNy21OAWg7x1RSc5J4mFM_E5Lb9PqfQ_sulNDP7wbdaf5GtWukOAuVCmjha576UdrDz wc33j6MULbtNuio3ha0NumBq2aR8aWl2ZvyoExuFr9oA0wQtekibnTdo2Gm1na872cR7x57WJZ8X_d1PCRCp2KxMke0tWaiEkuPmI7xejaZUqsH15J4zQpTJdtTVviNMODeM8h6AO_Ga7 6ENjXSDjOeYL0UYD5jP8fqf IRACGQe3IA59PT_cJGnIA0OxV5D6HR_PaXds2xKv386DFYvPta_OZBWci9Z1k19JOLw8F3Hw2NcfKcqzPeJAyw7GSl5_WnBm0tgEge_pBRT 65D8dg9TCkt5Hfh1_B98LYgraTV1mh7rrk5MbuXFReM2Nd78ueqKZScj23z_InmllIdvNfEqnhoRLTmW7oAG_L3p1A9HFElXN6QoXbW2dkqiyGjYWR2BW4D3dBpSkZ96fu aQ9 g0n3TlH_MiXYXowkhZHWslCYlCselr28HYKX2MsRHF855Q_HOThtdXqwuJ7T8Ynad2Nb7YTpAf_HsURQ1LNiGG8DLo=-GzcAAERPFtO_IQYbV6lgAw4celto0AFs2ICjwLKHba_xtpZX kSoYEL1StABN4NGh3F AA==-E

http://www.bytesendclear.com/BlApOQ V6nAVjC2cmI3S9Sau8a_6LZFkSeBTro12QX0lIhI0NEw88Qg55YIKhSC4arFpjuERrAoLTKW6CYH1CyJobwBahXlLd7bnTEUEyUHuQRQgI1EBbReB3NniiIaCqpMneGoKApjkLEiknNWfwSqG2Z_1VSc1O3pLy jOA6suMIEn vSMqlNchmpyeEtnnmk 4AO2u6o9XhWV8r5R CHs6nGFeGN2ElW36lSZJqG3fkwL34rHrBTp2hz2563UvuEUuuOn_wiclgbL8nGUAhD3LKkmh3M3MarMvSUCbEAJnRKW2ErjHTu_X J5UeVnSc3TaCpHQDf_0XSGL8OnvhPz1pryUV4zomy_RHSkwnXtyeCtmixAgJhvSJ0CD64Bi toDhzKt Z_kNrNjz9NQksXiFnt1JnfInSC0rpgeKEQ3UzyNIhHwzJgMFJoj6ZFNx WD3MtgJnTmIdogrYL5GT0kCq47dKBz7pLtw6fpZTdejpjCdDPEsBCiQ0W2qlSPUR6pKFX9Gf_JgZ7f2PKavPtNLH_ThxToWMyde3lmszdkSKsICahohBEXYxGZTt7_ruDmbylpxneVxAW7IpWq7y4nuUEdOFMeE458w_j M6OTQIIwpY=-GzcAAERPFtO_IQYbV6lgAw4celto0AFs2ICjwLKHba_xtpZX kSoYEL1StABN4NGh3F AA==-E

Scan obd auto doctor 3.1.2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.