raidcall_v7.3.6.exe

RAIDCALL LIMITED.

This is a setup program which is used to install the application. The file has been seen being downloaded from raidcall.soft32.com and multiple other hosts.
Publisher:
RAIDCALL LIMITED.  (signed and verified)

MD5:
725ae4fc1d462a89cc939601c5f137e0

SHA-1:
b537439ddd0a620a7b6293a312f2df4f9345f393

SHA-256:
b32be4d370c2356dc7802aac6dc68b5e55ac8d5d84b373704ac2c25097aa076e

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/25/2024 1:14:03 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
Suspicious_GEN.F47V0331
7.2.110

File size:
6.5 MB (6,772,944 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\raidcall_v7.3.6.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/3/2014 3:00:00 AM

Valid to:
3/4/2016 2:59:59 AM

Subject:
CN=RAIDCALL LIMITED., OU=TECH DEPT., O=RAIDCALL LIMITED., L=BEIJING, S=BEIJING, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2E2824844AFFED0BE69E5993D45340E1

File PE Metadata
Compilation timestamp:
3/22/2010 3:59:12 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:iApgPEhxFSNC0bTxMe+hlcYyoa0SSkZ1NojT8u9/tT:iACPSxF63xRcKYyouSEYjgu9/h

Entry address:
0x114F

Entry point:
E9, EC, 56, 00, 00, E9, 27, 96, 00, 00, E9, 72, 9A, 00, 00, E9, CD, 95, 00, 00, E9, E8, AA, 00, 00, E9, C3, BA, 00, 00, E9, 5E, 9B, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
57.5 KB (58,880 bytes)

The file raidcall_v7.3.6.exe has been seen being distributed by the following 24 URLs.

http://raidcall.soft32.com/get/file/id/.../?iframe=true&width=420&height=200&no_download_manager=1

http://www.laboratorycenterconecpt.com/1T ElJdSNc10wHwDk4mYOcfJUzagerZLJB6iY4vLAmyKjIbNl8vj4zyFmP04hDcf TM585xR1YrHytsszqc4qbzMilaQe OqH8KVRvxojgDQR0tfxIcGQuafQs_0SMkqNv_TCcamq1e0sPBkTKD4EUOn6bS3ZA1ve1KfagR0sqcVmn69Sn_Dt7gxdzmW0kYZagoItCpJ1QCKUVuXZoyACh4CMj HwQ==-GzkAAARkc7HNIGiLIr_hYBJ Dhtw4FK64CK7DRtj5yg4e7nG4GXy7JXdl4YyV_oR eI5ilG_AA==

http://www.laboratorycenterconecpt.com/EWw4NT_jKXRvVSgOw _uloiIEdzT2JueJdeYutE41AlIbENsujHMdkHRwEX_AGAT2KNqiJRtccYrfd6A ewJKfNUI3QB9vCH0Cp8FcTDHWaq4_WHhohDRS9bvpOg6rif8uUD79JE97XmiZMIi_xlBYch_GV9xQKEH_qmw_i3Qpy0DRYTAbRdwc6pdk0b7Pj84SFFromFQMoFdmcMXfUS5taYDKdtQ2hiHtE nKaysshbLTUmad1MYdFt yKZu5GFtdzv7C5dOFWlKTYF4jQIEPO05AVnh37kmAObAqSjKJcYIKqw4L0mNtKbPb7MVtnOMcCJppYQwht_rezH4U ZnHYxuU27cZwUmGBmulH9OmtVXF1g3ffFRNHEFMYl0hchJg4 021iulCQusg9RRNry4Xi8kQJFcjXi7ZdGImm1AsHWVobrlZN CTrrFeF3Mc30JhUTtIDRvjY7Y6iCdZ0Pg4zKoBrMUA8bnqNcEzLGHkhKtD_DisbAW5jo97rY2t_jpEH6MaztTAWhIcjZr6AVvhnk0QJBUE_VDrkEeoVEmD6ECmXieIO8D_AuPv O29WZLdKvBdrcQj9rrhMxvggU4x1hONN7w==-GzkAAARkc7HNIGiLIr_hYBJ Dhtw4FK64CK7DRtj5yg4e7nG4GXy7JXdl4YyV_oR eI5ilG_AA==-e

http://raidcall.soft32.es/goto/file/id/.../?iframe=true&width=420&height=200&javascript=true&no_download_manager=1

http://www.laboratorycenterconecpt.com/JFAkETU5Y4X7RfaZ0XR28dCr4whsF7YeAn4kGXJB2GKSSZD2RikBgs8ALEaIR4JpfFL5fzFfA0w8waAKF089KdeUkNIORn6dvLFNxD8LxoI6qKW_JhHFKYWDASokq6hQ47FyL oK0qgJ36oFpbTZe0nlZQz6Cek1EfsVRGEY9kOjhN3 B BWHWkb Ohcp3zmdHhoOPcpXGwxzwniBQ51tX8xI1T1Arbf7Gaz qDe F M3vit6g3x0HRfM4VHXSLCjCE_xTdi69M0AgKeL517GHbFJaqnc0Ruxj CtzFb5ZA6wPa1rSEXviOXGdIsGemdd4IU2cbUiYaompjLqs_amGj184yu8JIGn4d1Fn_creJR7PMmWa0d3qipSajEhdAuQaLhGALtM NVDH1t53L4SUwfk5rs4J3v0Tqs4Vx2BvJGPNGC8QJh7wPPfTJOG_lO26vAg3cIJxQvPvkKdfP3Na4K3zQAA E9J U5JTHf0wXpbnqUIdOTcm_e9N9ar2skcnVUjF3AZdT0nBQnB mJGR7leIkg451DPC lSxM4Pe9HP9noTddo7AbXjgsJ5QyTWuaN29gtTypkHFKPvp7JtOX99hSRXDHld8ySn8KxQVXLj4SPsn1ltBcez 6lNxbSNQqP5VpK-GzkAAARkc7HNIGiLIr_hYBJ Dhtw4FK64CK7DRtj5yg4e7nG4GXy7JXdl4YyV_oR eI5ilG_AA==-e

https://onedrive.live.com/download.aspx?cid=EA5BCF3BBD15B5A3&authKey=!AFZIXkboN-qbgE4&resid=EA5BCF3BBD15B5A3!258436&ithint=.exe

temp:raidcall_v7.3.6.exe

about:internet

Scan raidcall_v7.3.6.exe - Powered by Reason Core Security