zteqmf90boltwriter_v8.exe

DTZQMF90

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from files.dc-unlocker.com and multiple other hosts.
Publisher:
UAB Digiteka  (signed by UAB ”DIGITEKA”)

Product:
DTZQMF90

Description:
ZTE Q MF90 Bolt Writer

Version:
0.0.0.8

MD5:
1fd494331907ead77b9ab1d00f7fd610

SHA-1:
f919f04035f951f60e2295833baf0834cc1640bc

SHA-256:
da730adcba63c5cc79adf60cfe2f63dc66ef98d6299a3891ab010b9e21ffbd25

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 2:14:54 AM UTC  (today)

File size:
63.4 MB (66,486,416 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\zteqmf90boltwriter_v8.exe

Digital Signature
Authority:
StartCom Ltd.

Valid from:
1/2/2013 4:51:01 PM

Valid to:
1/4/2016 2:41:22 AM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
3/12/2015 12:54:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1572864:bUIR/PQkNLR86/dGwIy/SPznb28JBwKAWN3uWiY2741wN:x786/d4zbnb2wvAW1uWiYGmg

Entry address:
0x799099B

Entry point:
E9, EE, 3B, 01, 00, C6, 44, 24, 04, 8C, 9C, 8D, 53, 04, 66, 0F, CF, 0F, B7, 72, 1A, E8, 28, 49, 01, 00, 9C, 8D, 64, 24, 0C, 0F, 85, AA, 56, 00, 00, F5, 04, 4C, D4, 89, 27, 31, D2, 66, D1, D8, 66, 0F, BE, C3, 66, 0F, AC, C0, 0B, 89, D0, 00, D0, FE, C0, C0, E8, 03, D2, C8, 83, C7, 01, D2, F8, 30, F8, F6, C6, E6, 8A, 07, E8, 04, C6, 00, 00, E8, 4E, 13, 01, 00, D9, D8, 1E, 55, A0, AC, E2, 6B, 24, 7D, 95, 9C, 1C, 05, 8D, 3D, 30, 21, BD, 15, 04, 55, A9, D8, 34, 4D, 95, D4, 30, 51, A5, EC, 0C, 55, AC, 80, DE, 01...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
3.5 MB (3,628,544 bytes)

The file zteqmf90boltwriter_v8.exe has been seen being distributed by the following 4 URLs.

https://files.dc-unlocker.com/backend/r.php/.../550ff84fa5179

https://files.dc-unlocker.com/backend/r.php/.../3624ED07845644CCBA0957AFFFDDA357?_=1465694441699

Scan zteqmf90boltwriter_v8.exe - Powered by Reason Core Security