qubnfe.exe

qubnfe

Quartzo Desenvolvimento de Software Ltda.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘qubnfe’.
Publisher:
Quartzo Desenvolvimento de Software Ltda.  (signed by Quartzo Desenvolvimento de Software Ltda.)

Product:
qubnfe

Version:
5.00

MD5:
ad961d4a837c646ffa2552995b44f297

SHA-1:
3a7e15ebf76ea381262a07a3cf90e9e06136ed43

SHA-256:
8fda7430e74c6f7c08ac427f059af25854e43ec6cf5b5690ab50694f3c1c3468

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 4:42:06 PM UTC  (today)

File size:
995.8 KB (1,019,744 bytes)

Product version:
5.00

Original file name:
qubnfe.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\qubnfe\qubnfe.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
3/17/2015 8:50:38 AM

Valid to:
3/13/2018 10:52:38 AM

Subject:
CN=Quartzo Desenvolvimento de Software Ltda., O=Quartzo Desenvolvimento de Software Ltda., L=Itatiba, S=São Paulo, C=BR

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
0097A1A946DC80417C

File PE Metadata
Compilation timestamp:
4/14/2015 8:28:45 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:kdzAOpuMQ5E6m+jgwYf44JoWpoC+RYirZWlhOfb:+8OIU6m+jgwYLsjY+ZWrG

Entry address:
0x4BE5A0

Entry point:
60, BE, 00, F0, 7C, 00, 8D, BE, 00, 20, C3, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11...
 
[+]

Packer / compiler:
UPX 2.90LZMA

Code size:
960 KB (983,040 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
qubnfe

Command:
C:\Program Files\qubnfe\qubnfe.exe \auto


Scan qubnfe.exe - Powered by Reason Core Security