» raidcall_v7.3.6.exe
Overview
Analysis
File Details
Downloads (24)

raidcall_v7.3.6.exe

RAIDCALL LIMITED.

This is a setup program which is used to install the application. The file has been seen being downloaded from raidcall.soft32.com and multiple other hosts.

File name:

raidcall_v7.3.6.exe

Publisher:

RAIDCALL LIMITED. (signed and verified)

MD5:

725ae4fc1d462a89cc939601c5f137e0

SHA-1:

b537439ddd0a620a7b6293a312f2df4f9345f393

SHA-256:

b32be4d370c2356dc7802aac6dc68b5e55ac8d5d84b373704ac2c25097aa076e

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/5/2024 6:41:33 PM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

Suspicious_GEN.F47V0331

7.2.110

File size:

6.5 MB (6,772,944 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\raidcall_v7.3.6.exe

Digital Signature

Signed by:

RAIDCALL LIMITED.

Authority:

VeriSign, Inc.

Valid from:

12/3/2014 3:00:00 AM

Valid to:

3/4/2016 2:59:59 AM

Subject:

CN=RAIDCALL LIMITED., OU=TECH DEPT., O=RAIDCALL LIMITED., L=BEIJING, S=BEIJING, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

2E2824844AFFED0BE69E5993D45340E1

File PE Metadata

Compilation timestamp:

3/22/2010 3:59:12 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

196608:iApgPEhxFSNC0bTxMe+hlcYyoa0SSkZ1NojT8u9/tT:iACPSxF63xRcKYyouSEYjgu9/h

Entry address:

0x114F

Entry point:

E9, EC, 56, 00, 00, E9, 27, 96, 00, 00, E9, 72, 9A, 00, 00, E9, CD, 95, 00, 00, E9, E8, AA, 00, 00, E9, C3, BA, 00, 00, E9, 5E, 9B, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC... 
[+]

Packer / compiler:

Xtreme-Protector v1.05

Code size:

57.5 KB (58,880 bytes)

The file raidcall_v7.3.6.exe has been seen being distributed by the following 24 URLs.

http://raidcall.soft32.com/get/file/id/.../?iframe=true&width=420&height=200&no_download_manager=1

http://www.laboratorycenterconecpt.com/1T ElJdSNc10wHwDk4mYOcfJUzagerZLJB6iY4vLAmyKjIbNl8vj4zyFmP04hDcf TM585xR1YrHytsszqc4qbzMilaQe OqH8KVRvxojgDQR0tfxIcGQuafQs_0SMkqNv_TCcamq1e0sPBkTKD4EUOn6bS3ZA1ve1KfagR0sqcVmn69Sn_Dt7gxdzmW0kYZagoItCpJ1QCKUVuXZoyACh4CMj HwQ==-GzkAAARkc7HNIGiLIr_hYBJ Dhtw4FK64CK7DRtj5yg4e7nG4GXy7JXdl4YyV_oR eI5ilG_AA==

http://www.laboratorycenterconecpt.com/EWw4NT_jKXRvVSgOw _uloiIEdzT2JueJdeYutE41AlIbENsujHMdkHRwEX_AGAT2KNqiJRtccYrfd6A ewJKfNUI3QB9vCH0Cp8FcTDHWaq4_WHhohDRS9bvpOg6rif8uUD79JE97XmiZMIi_xlBYch_GV9xQKEH_qmw_i3Qpy0DRYTAbRdwc6pdk0b7Pj84SFFromFQMoFdmcMXfUS5taYDKdtQ2hiHtE nKaysshbLTUmad1MYdFt yKZu5GFtdzv7C5dOFWlKTYF4jQIEPO05AVnh37kmAObAqSjKJcYIKqw4L0mNtKbPb7MVtnOMcCJppYQwht_rezH4U ZnHYxuU27cZwUmGBmulH9OmtVXF1g3ffFRNHEFMYl0hchJg4 021iulCQusg9RRNry4Xi8kQJFcjXi7ZdGImm1AsHWVobrlZN CTrrFeF3Mc30JhUTtIDRvjY7Y6iCdZ0Pg4zKoBrMUA8bnqNcEzLGHkhKtD_DisbAW5jo97rY2t_jpEH6MaztTAWhIcjZr6AVvhnk0QJBUE_VDrkEeoVEmD6ECmXieIO8D_AuPv O29WZLdKvBdrcQj9rrhMxvggU4x1hONN7w==-GzkAAARkc7HNIGiLIr_hYBJ Dhtw4FK64CK7DRtj5yg4e7nG4GXy7JXdl4YyV_oR eI5ilG_AA==-e

http://raidcall.soft32.es/goto/file/id/.../?iframe=true&width=420&height=200&javascript=true&no_download_manager=1

http://www.laboratorycenterconecpt.com/JFAkETU5Y4X7RfaZ0XR28dCr4whsF7YeAn4kGXJB2GKSSZD2RikBgs8ALEaIR4JpfFL5fzFfA0w8waAKF089KdeUkNIORn6dvLFNxD8LxoI6qKW_JhHFKYWDASokq6hQ47FyL oK0qgJ36oFpbTZe0nlZQz6Cek1EfsVRGEY9kOjhN3 B BWHWkb Ohcp3zmdHhoOPcpXGwxzwniBQ51tX8xI1T1Arbf7Gaz qDe F M3vit6g3x0HRfM4VHXSLCjCE_xTdi69M0AgKeL517GHbFJaqnc0Ruxj CtzFb5ZA6wPa1rSEXviOXGdIsGemdd4IU2cbUiYaompjLqs_amGj184yu8JIGn4d1Fn_creJR7PMmWa0d3qipSajEhdAuQaLhGALtM NVDH1t53L4SUwfk5rs4J3v0Tqs4Vx2BvJGPNGC8QJh7wPPfTJOG_lO26vAg3cIJxQvPvkKdfP3Na4K3zQAA E9J U5JTHf0wXpbnqUIdOTcm_e9N9ar2skcnVUjF3AZdT0nBQnB mJGR7leIkg451DPC lSxM4Pe9HP9noTddo7AbXjgsJ5QyTWuaN29gtTypkHFKPvp7JtOX99hSRXDHld8ySn8KxQVXLj4SPsn1ltBcez 6lNxbSNQqP5VpK-GzkAAARkc7HNIGiLIr_hYBJ Dhtw4FK64CK7DRtj5yg4e7nG4GXy7JXdl4YyV_oR eI5ilG_AA==-e

https://onedrive.live.com/download.aspx?cid=EA5BCF3BBD15B5A3&authKey=!AFZIXkboN-qbgE4&resid=EA5BCF3BBD15B5A3!258436&ithint=.exe

http://update.raidcall.com/.../raidcall_7.3.6.exe

http://raidcall.software.informer.com/.../

temp:raidcall_v7.3.6.exe

http://soft.oszone.net/download-file/.../?mirror=1

http://www.raidcall.com.ru/direct.php?url=http://update.raidcall.com.ru/download/.../NL Y98Soi9Tu72RCpQs3iu1Z3JdQ=

about:internet

https://downloader.disk.yandex.ru/disk/a550b4fc8beaf19686525681d065a73647c1a689c405386c724b8197f4f59f99/56e0883f/.../x-msdownload&fsize=6772944&hid=19893b0069d49cf4083d3417b47da9f6&media_type=executable&tknv=v2

http://programmydlyawindows.ru/skachat_programmy/.../raidcall_rus.exe

http://raidcallinfo.ru/.../raidcall_v7.3.6.exe

http://raidcallinfo.ru/.../raidcall.exe

http://katalog-programm.ru/skachat_programmy/.../raidcall_rus.exe

http://raidcall.soft32.com/get/file/id/.../?no_download_manager=true

http://www.softportal.com/getsoft-21025-raidcall-3.html

http://soft.oszone.net/download-file/.../

http://raidcall.soft32.com.br/get/file/id/.../?no_download_manager=true

http://update.raidcall.com.ru/.../raidcall_7.3.6.exe

http://update.raidcall.com/.../raidcall_v7.3.6.exe

http://update.raidcall.com.ru/.../raidcall_v7.3.6.exe

Scan raidcall_v7.3.6.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.