home

sharewareonsale_giveaway_aug-5-2016_64-bit_docucan_hub.exe

Azadi Network LLC

This is a setup program which is used to install the application. The file has been seen being downloaded from sharewareonsale.com.
Publisher:
Azadi Network LLC  (signed and verified)

MD5:
2e300094096b671d3f473b5d861f546c

SHA-1:
31e731320c9b45abb67a8f6a6960e9a3237ec7d0

SHA-256:
9e65b2c4a9f72214cc263933c0dc95f94b78ec84e92b5f9659b1976a39652031

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 11:19:11 AM UTC  (today)

File size:
2.3 MB (2,393,752 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Azadi Network LLC

Authority:
COMODO CA Limited

Valid from:
7/28/2016 2:00:00 AM

Valid to:
7/29/2017 1:59:59 AM

Subject:
CN=Azadi Network LLC, O=Azadi Network LLC, STREET=405 E Wetmore Rd Suite 117 Unit 112, L=Tucson, S=Arizona, PostalCode=85705, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A4EDF2A747E6A3C5052531132CCE527A

File PE Metadata
Compilation timestamp:
8/6/2016 3:26:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:xMIc+m6R2n4LooyYddxw+8NQpRmOOJ1VkyO+LWDyL:x3cdf4Lv8Kp8OIVkV+LhL

Entry address:
0x11B454

Entry point:
55, 8B, EC, 83, C4, F0, B8, 34, 92, 51, 00, E8, 78, C3, EE, FF, A1, 80, 6D, 52, 00, 8B, 00, E8, FC, 18, F5, FF, A1, 80, 6D, 52, 00, 8B, 00, B2, 01, E8, 36, 37, F5, FF, 8B, 0D, 0C, 67, 52, 00, A1, 80, 6D, 52, 00, 8B, 00, 8B, 15, A0, 6E, 51, 00, E8, EE, 18, F5, FF, A1, 80, 6D, 52, 00, 8B, 00, E8, 62, 19, F5, FF, E8, 01, 9B, EE, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.1 MB (1,155,072 bytes)

The file sharewareonsale_giveaway_aug-5-2016_64-bit_docucan_hub.exe has been seen being distributed by the following URL.

http://sharewareonsale.com/?download_file=5420581&order=wc_order_57a726a1b150d&email=ladislav.lang@seznam.cz&key=8c74a302f45b2522bbf1bf507d33df0c

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.