windows__18c36413-b897-455e-8e2a-aaecc97326ef__.exe

AT&T

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from pattsmpii.att.motive.com and multiple other hosts.
Publisher:
AT&T  (signed and verified)

MD5:
f90b54482222558e8d3a02f3d08d5d91

SHA-1:
a7b0c5b49074c1590b2fea53a87d180dc6d27cad

SHA-256:
d2e30fdc55bce1bee72faa6fba5089d25d3ea0b0f3c12724e883b7d0f3ffb185

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 8:58:39 PM UTC  (today)

File size:
91.8 KB (94,000 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\windows__18c36413-b897-455e-8e2a-aaecc97326ef__.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
10/10/2011 8:00:00 PM

Valid to:
10/10/2014 7:59:59 PM

Subject:
CN=AT&T, OU=AT&T Mass Market Care Application, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=AT&T, L=Austin, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
450BA65F1A924BBA80F3ADFB4024A31A

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:spgpHzb9dZVX9fHMvG0D3XJIGOMbdpSOEoJEdGUZWBfndoU5f2FcrspFIx:6gXdZt9P6D3XJ62dAOEo4/ZWBfiU5OCj

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.0069

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file windows__18c36413-b897-455e-8e2a-aaecc97326ef__.exe has been seen being distributed by the following 50 URLs.

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__30193e4b-d0b1-4e89-b384-e48b11d7a320__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__808f6f51-4890-49ea-b101-9828e9e90edf__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__534b8eb1-4709-4652-bd52-19c6fff905b7__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__cbf3d995-0494-4772-b0b5-e1da4a178e24__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__aa1e8722-28b4-44f7-8883-a2096dff45e7__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__2cd70eea-0a8a-4fe5-92ea-a14e5400a68b__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__ecfbb578-6b46-49a7-9f20-7809377a0959__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__b2b4dee9-e8d7-4d60-9370-5e2eed811dee__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__ab82a9cc-0968-45b8-b8ca-f61d6ddb7ce7__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__54bdcc43-4d68-41c9-b72f-f547815724d5__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__1dce1342-47d5-4a75-a050-c9dcbe453ac6__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__b5601ddd-f867-4450-bf7b-5ea2a1ec91bb__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__b0f76385-2eb0-448f-bcf9-4cbea92f4cf7__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__b498fd32-2cd3-4b78-8126-a5ad7654ff7b__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__9223f10c-e2cd-413e-a9b9-7dab9abd2458__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__896efe40-317e-431b-9b75-188403b50a0b__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__04c2d147-caae-4c09-95db-3b59bbd039f5__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__4b14344f-3afc-48cf-89a7-2e726735c204__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__284812cc-d1bd-427e-8062-28f57151de5d__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__a45ff2cc-4fca-4271-953e-bc248560ba1e__.exe

https://pattsmpii.att.motive.com/homeview/tsnr/.../windows__f0e675ae-71e2-4c49-89b5-f11963a3549a__.exe

Latest 30 of 112 download URLs