razer_blackwidow__firmwareupdater_v2.05.03.exe

Razer USA Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from dl.razerzone.com.
Publisher:
Razer USA Ltd  (signed and verified)

MD5:
03affcc82fec384eceb146c20769a556

SHA-1:
8bc0066f727469b64b18e1c0b5022bc063df60f6

SHA-256:
31f83d11023e18831882371a48f10838c35670f2213d76c21d8768ae8c17283e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 1:07:57 AM UTC  (today)

File size:
2.2 MB (2,341,944 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\razer_blackwidow__firmwareupdater_v2.05.03.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/20/2012 8:00:00 PM

Valid to:
10/25/2015 7:59:59 PM

Subject:
CN=Razer USA Ltd, OU=Products, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Razer USA Ltd, L=Carlsbad, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
05D0ABB9D6B4194031F95C82992FAC48

File PE Metadata
Compilation timestamp:
6/9/2012 9:19:53 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:ozmvHBP3eS54tlvdlSYSOpGt2QiEMqJfDz4OSJ0NC/XqIOf:NJeS5wSYStC+fDz4OSJkSXqh

Entry address:
0x948A

Entry point:
E8, 1E, FF, FF, FF, 33, C0, 50, 50, 50, 50, E8, A4, 2E, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, 7D, A2, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 24, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 24, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, 8F, A7, FF, FF, C3, 56, 8B, F1, 8B, 06, 85, C0, 74, 07, 50, FF, 15, 64, F1, 40, 00, 83, 26, 00, 83, 66, 08, 00, 83, 66, 0C, 00, 5E, C3, 56, 8B, F1, 80, 7E, 04, 00, 75, 34, 68, 74, F5, 40, 00...
 
[+]

Entropy:
7.9089  (probably packed)

Code size:
54 KB (55,296 bytes)

The file razer_blackwidow__firmwareupdater_v2.05.03.exe has been seen being distributed by the following URL.

Scan razer_blackwidow__firmwareupdater_v2.05.03.exe - Powered by Reason Core Security