techprobaseinstall.exe

MAHLE Powertrain LLC

This is a self-extracting archive and installer. The file has been seen being downloaded from dev.mahletechpro.com.

Publisher:
MAHLE Powertrain LLC  (signed and verified)

MD5:
5c6372e03d76196da6de1903e05f633f

SHA-1:
77a31d82348d4edfdaa3f6ed3ec0ba531e28c3e9

SHA-256:
005c8fcfd7a7d89f6c10fe8f9eb1c0a217ba068565d635e8d662143ee47962dc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 11:57:05 AM UTC  (today)

File size:
115.5 MB (121,097,664 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\techprobaseinstall.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
5/3/2015 8:00:00 PM

Valid to:
10/31/2017 7:59:59 PM

Subject:
CN=MAHLE Powertrain LLC, O=MAHLE Powertrain LLC, L=Farmington Hills, S=Michigan, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
3951F55A24BD4119A06ACB0D2D3DEA64

File PE Metadata
Compilation timestamp:
1/20/2016 5:40:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
3145728:vatrDbrUywl6xiw/SZzuHwuU5IGyIjpnEWaJzd1ty9kulM:ClOc32awSGjEWybtyjlM

Entry address:
0x15AC

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, C0, 4E, 00, A1, 9F, C0, 4E, 00, C1, E0, 02, A3, A3, C0, 4E, 00, 52, 6A, 00, E8, 3D, 9E, 0E, 00, 8B, D0, E8, 46, BF, 0D, 00, 5A, E8, 68, BE, 0D, 00, E8, 93, C0, 0D, 00, 6A, 00, E8, BC, DC, 0D, 00, 59, 68, 48, C0, 4E, 00, 6A, 00, E8, 17, 9E, 0E, 00, A3, A7, C0, 4E, 00, 6A, 00, E9, 23, 6B, 0E, 00, E9, EE, DC, 0D, 00, 33, C0, A0, 91, C0, 4E, 00, C3, A1, A7, C0, 4E, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, EC, 00, 00, 00, 0B, C9...
 

Entropy:
7.9810  (probably packed)

Code size:
940 KB (962,560 bytes)

The file techprobaseinstall.exe has been seen being distributed by the following URL.
