obd-auto-doctor_3.0.8.exe

OBD Auto Doctor

Creosys Ltd

This is a setup and installation application. The file has been seen being downloaded from www.bytesendclear.com and multiple other hosts.
Publisher:
Creosys   (signed by Creosys Ltd)

Product:
OBD Auto Doctor

Description:
OBD Auto Doctor Setup

MD5:
67ea06e3114cb78871238caab60d5782

SHA-1:
980c84b3e918a8398c19f55df6bc62b604033563

SHA-256:
3097792e7b2b8c981e7ab3490eff3e05b617215342659c00419cee53cc6bc2d2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 6:25:52 AM UTC  (today)

File size:
7 MB (7,309,952 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\obd-auto-doctor_3.0.8.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/10/2015 7:00:00 PM

Valid to:
9/10/2017 6:59:59 PM

Subject:
CN=Creosys Ltd, O=Creosys Ltd, STREET=Varpenrinne 8, L=Vesilahti, S=Pirkanmaa, PostalCode=37470, C=FI

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
41BE554B90A4CFB2DC73CD61209D58EC

File PE Metadata
Compilation timestamp:
12/28/2015 6:39:51 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:kX4CiAD2tuxQWzEwRI3+WRC1QcYSCpbfd:kolAD2tuxQuYRCxKz

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86...
 
[+]

Entropy:
7.9953

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file obd-auto-doctor_3.0.8.exe has been seen being distributed by the following 10 URLs.

http://www.bytesendclear.com/c?x=5vboiDAQZl0xQM0k0oBYV5wcvJaGPaNzsswCoiKZCW8=&e=1&c=aYRmaKTcHmZiehsaVKZyVBm7vsN0JgQnIZgClFfYVUGVDW81j99QteBGa9TW6KD9jdXl z3hiYRFkC6BMPMvXaCQXdZpo3tMUn9BSpndoxwDrvsRc 0pgPo9MMriwIr/ulSZTNKVdsXMhdyCJCfN gPB0RC WneaK2lcHDM9SFY=&fallback_url=http://.../obd-auto-doctor_3.0.8.exe&downloadAs=OBD Auto Doctor 3.0.8.exe

http://www.bytesendclear.com/jKtoPQf2CMqQyzqz30pbrOHfgAEpvoXyEOD6w_HMtdnwC8LMLfI r7v_gVyVdqx3WXnDyajj ERVYkMuxy5CpPgByNSP3mn WSIOVBZciW2peN0A5IKLVR6ly1bgbdOaj2cHfQI7VjMWL8RfdMaJw12eCQph3IUnTaJ9tP7sMPm9HBTfWi8p3gYeS7ASCyH_TxNr_C1tmIZnZrOTvooxcwR8QlJWA8njFJO6GF7TZUDUWS7WB3zVl0qSvcBknsKv3H9QtOgQ81TpCIi0NE00MspS3SP1h0SM4mlj0B5GhGWdRMGAmbkHPy0khYHYk7y2TEpTy_AhP2rdH0ePF56CITvbIRVi9XBEIpKA5jNXEP89jsrX9Ybn7tSKKz_hQ8_zms9kD_YmjOCwLztB11oJblodjLNcldCzcrSVg6iuPIvfxPTp2vLxPIWOxrRTNGjxrJeBgVXPjc3wff8_QI_6xvmZ5Te1V1yX8W7J kP8Urc1eh17nMzO_MEfTeOra3ojgGxkzlOVwvyphjxytfrEGsyAx0 Iw1jFerXGwsOVqYMOyCF1lkrb6x_pEYFQzP94hQa 6CQHyd3bTwZuyOgDl_zmTf1kFg==-GzUAAERPFtM_m6I1G1epYAMOHHpbaNABbNiAo8Cyh22v8baWV_pEqGBC9UrQASedxuD8AA==-E

http://softonet.pl/wyslij63750-1.html

http://www.bytesendclear.com/WVl6OTRQV2hIYjJoRmVtMW9PRUpHZURCcWRrcFZZaVV5UWtwS2FsWkJWVTF0TVhrbE1rWkZXazFoYTNsc2JHOTNWa3RGSlRORUptVTlNU1pqUFdGSWRrVnhPVEpoWlRKa2JuZGFkWFpJVjNBeGRFSkxOSGQwYUZwQk1rMXZURk5sZGtkM05YWnpaVlJGV1d0R1NuRXlSbWRZYUVweVltUlRNbUZQWlhkR1JFaDRTM1ZCTmxseVNtRnVXSEYxZHpaWFlXMWhZM1ZWY0c1Q1oyYzJKVEpDVUc1M05VbGtkalZ6YlVWc04xcGhNblZQTjNWT2JVNU9ZMVZwWlVOVUpUSkNSMWR2V2xSUVpIcGtkbVZvT0hnbE1rSTNPREUxUzNvd1VTVXpSQ1V6UkNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVellTVXlaaVV5Wm1Oa2JpNXZZbVJoZFhSdlpHOWpkRzl5TG1OdmJTVXlabTlpWkMxaGRYUnZMV1J2WTNSdmNsOHpMakF1T0M1bGVHVW1aRzkzYm14dllXUkJjejFQUWtRclFYVjBieXRFYjJOMGIzSXJNeTR3TGpndVpYaGw=

Scan obd-auto-doctor_3.0.8.exe - Powered by Reason Core Security