home

viettel-ca_adm_v1.ex

Admintool

MINH THONG CARD SOLUTIONS CO LTD

Publisher:
Viettel-CA  (signed by MINH THONG CARD SOLUTIONS CO LTD)

Product:
Admintool

Description:
Viettel-CA Admintool V1.0

Version:
1.0.0.0

MD5:
f9e31a45d2401837e7fdc579c03c5979

SHA-1:
cac95f3461074c4c7d2dbdab030b0441f3165063

SHA-256:
0d3d427e2065dc5a366e74de37516784150fb322459bf4a55f27eafd41015656

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:31:19 AM UTC  (today)

File size:
674.9 KB (691,128 bytes)

Product version:
1.0.0.0

Copyright:
Copyright (C) 2014 Viettel Group

Original file name:
Viettel-CA_adm_V1.exe

Language:
English (United States)

Common path:
C:\users\{user}\downloads\viettel-ca_adm_v1.ex

Digital Signature
Signed by:
MINH THONG CARD SOLUTIONS CO LTD

Authority:
Thawte, Inc.

Valid from:
7/15/2013 7:00:00 AM

Valid to:
7/16/2014 6:59:59 AM

Subject:
CN=MINH THONG CARD SOLUTIONS CO LTD, OU=IT Department, O=MINH THONG CARD SOLUTIONS CO LTD, L=Ho Chi Minh, S=Ho Chi Minh, C=VN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7DECEFF77C9750C576FBEF8CEFC6D96F

File PE Metadata
Compilation timestamp:
3/3/2014 3:23:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:Iq4SI5bR4cJ4hFmbCtMgrTeIsSEPEtGAx/rPm:7414cJlQMgdhm

Entry address:
0x3587E

Entry point:
E8, C5, 74, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, 10, 78, 46, 00, 75, 02, F3, C3, E9, 45, 75, 00, 00, 51, C7, 01, F4, 61, 45, 00, E8, 3D, 76, 00, 00, 59, C3, 56, 8B, F1, E8, EA, FF, FF, FF, F6, 44, 24, 08, 01, 74, 07, 56, E8, B4, 3C, FE, FF, 59, 8B, C6, 5E, C2, 04, 00, 8B, 44, 24, 04, 83, C1, 09, 51, 83, C0, 09, 50, E8, 7E, 76, 00, 00, F7, D8, 59, 1B, C0, 59, 40, C2, 04, 00, 51, 53, 55, 56, 57, FF, 35, 68, C6, 46, 00, E8, 43, 6E, 00, 00, FF, 35, 64, C6, 46, 00, 8B, F0, 89, 74, 24, 18, E8, 32, 6E, 00, 00, 8B...
 
[+]

Entropy:
6.7111

Code size:
324 KB (331,776 bytes)

The file viettel-ca_adm_v1.ex has been seen being distributed by the following URL.

http://10.230.190.13/ftpnew/index.php?get_action=open_file&repository_id=30da0ca76540b3408cef8023d9e57def&file=/SOFTWARE/VIETTEL-CA/.../Viettel-CA_adm_V1.exe

Scan viettel-ca_adm_v1.ex - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.