qubnfe.exe

qubnfe

Quartzo Desenvolvimento de Software Ltda.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘qubnfe’.
Publisher:
Quartzo Desenvolvimento de Software Ltda.  (signed by Quartzo Desenvolvimento de Software Ltda.)

Product:
qubnfe

Version:
3.07

MD5:
14e41e2b2f582013536a2cfcf19bb2f9

SHA-1:
66eaa99da4a9afdedf3f29e370aef10654f0144e

SHA-256:
13db1da3824f00cc4436dc76e98beb714e4d49671c1b70169b28f9ee8dcc4759

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 5:58:57 AM UTC  (today)

File size:
1.4 MB (1,467,224 bytes)

Product version:
3.07

Original file name:
qubnfe.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\qubnfe\qubnfe.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
12/20/2012 9:35:17 AM

Valid to:
12/19/2013 3:51:54 PM

Subject:
CN=Quartzo Desenvolvimento de Software Ltda., OU=info@interapp.com.br, O=Quartzo Desenvolvimento de Software Ltda., L=Itatiba, S=SP, C=BR

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
4B88AE7E9F70E7

File PE Metadata
Compilation timestamp:
4/22/2013 5:04:18 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:IjOGSPayHtbJheL+ZW3TI5TKeXJ0OphvQGJ4Q3fBgHtmGw4voj/qJnhZSEKEeY:XGSPaatheL+ZW32NtpeaZgw7j/cQ

Entry address:
0x4E5CE0

Entry point:
60, BE, 00, 90, 78, 00, 8D, BE, 00, 80, C7, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11...
 
[+]

Packer / compiler:
UPX 2.90LZMA

Code size:
1.4 MB (1,429,504 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
qubnfe

Command:
C:\Program Files\qubnfe\qubnfe.exe \auto


Scan qubnfe.exe - Powered by Reason Core Security