home

ztequalcommwriter_v15.exe

DTZTEFDW

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from files.dc-unlocker.com.
Publisher:
UAB Digiteka  (signed by UAB ”DIGITEKA”)

Product:
DTZTEFDW

Description:
ZTE Firmware writer

Version:
0.0.0.15

MD5:
c909da183a466b809ff887080ac9ff28

SHA-1:
91303b24ba98ba6e56f51325656fdc08f39eb8f7

SHA-256:
301b7fab8d1e8f7921ddab41a1280a860d6fd115560f5515d2013ab24a48b072

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 5:02:12 PM UTC  (today)

File size:
8.9 MB (9,353,872 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\ztequalcommwriter_v15.exe

Digital Signature
Signed by:
UAB ”DIGITEKA”

Authority:
StartCom Ltd.

Valid from:
1/2/2013 4:51:01 PM

Valid to:
1/4/2016 2:41:22 AM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
6/30/2014 9:15:49 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:BqcDJtPRfFIaOz+mXO4FUsyDcYbwqAGRwMWfabQ0f/5PmNXEgB6RuWc5nvl:BdHO7eqU7DcYDAy6asomTB6RTQl

Entry address:
0x1322745

Entry point:
9C, C6, 04, 24, 96, C7, 04, 24, FE, A6, F6, 36, 9C, E9, F9, 8D, 00, 00, 68, 89, A5, E4, C8, C7, 44, 24, 04, FF, 19, C9, 8D, E9, AD, 04, 75, FF, 7D, B8, F1, D7, 28, 6F, C6, 34, 8B, 6A, C3, E9, 1A, 2D, FE, B9, 00, B2, 73, 35, 3C, 0F, 56, 4F, 23, F6, 4D, 52, EB, 06, 5A, 20, 38, 27, CD, 0B, 82, 40, 02, F1, 30, 0E, 5F, E2, CB, 45, 12, 95, 10, 92, 6F, 56, 72, 32, 5E, 26, D7, CE, 95, 2F, 08, 9F, 88, 1F, 3B, D8, 07, 36, E1, 5D, 9B, 46, C4, 24, D8, 52, B9, F8, AA, 8E, CC, 96, 7E, AA, 0D, A7, 3F, 17, AB, 77, A7, 9F...
 
[+]

Code size:
3.4 MB (3,574,784 bytes)

The file ztequalcommwriter_v15.exe has been seen being distributed by the following URL.

https://files.dc-unlocker.com/backend/r.php/.../53b17ff1dd813

Scan ztequalcommwriter_v15.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.