» dia-poatch.exe
Overview
Analysis
File Details

dia-poatch.exe

Dia for Windows

Steffen Macke - Betrieb von Webseiten - Open Source Developer

This is a self-extracting archive and installer.

File name:

dia-poatch.exe

Publisher:

The Dia Developers (signed by Steffen Macke - Betrieb von Webseiten - Open Source Developer)

Product:

Dia for Windows

Description:

Dia for Windows Installer

Version:

0.97.0002

MD5:

01c5012504ec0197686d0f989de4a8ab

SHA-1:

0188fbca25c458d10234b3aaa19c752b47178dc4

SHA-256:

43407fc9edcec1cfe127368dae553aa3f5374619763f0b89244d639c46762612

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/23/2024 7:31:17 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Injector.CZCZ trojan

8.0.319.0

File size:

1.7 MB (1,735,912 bytes)

Product version:

0.97.0002

Original file name:

dia-setup-0.97.2.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\dia-poatch.exe

Digital Signature

Signed by:

Steffen Macke - Betrieb von Webseiten - Open Source Developer

Authority:

Unizeto Technologies S.A.

Valid from:

2/17/2011 4:15:33 PM

Valid to:

2/18/2012 4:15:33 PM

Subject:

E=dia@dia-installer.de, CN=Steffen Macke - Open Source Developer, OU=dia-installer.de, O=Steffen Macke - Betrieb von Webseiten - Open Source Developer, C=DE

Issuer:

CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

073688

File PE Metadata

Compilation timestamp:

5/25/2016 11:37:03 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:GpFHNLCelBRgcBvVGr/LS8YvR7dL/7DBc1StXw0hw792e8WDCznkM5:GfHNLCeT+etUzNM7B/7Vc1Spc92e1wkg

Entry address:

0x12EC

Entry point:

68, A4, 13, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 81, 47, 8C, E8, E0, 68, 52, 4E, 8F, 0A, 23, E8, 59, 37, 44, 07, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 76, 62, 34, 70, 72, 6F, 6A, 65, 63, 74, 56, 62, 00, 00, 00, 00, 00, 00, 00, 00, 07, 00, 00, 00, AC, 25, 40, 00, 07, 00, 00, 00, 58, 25, 40, 00, 07, 00, 00, 00, 18, 25, 40, 00, 07, 00, 00, 00, D4, 24, 40, 00, 07, 00, 00, 00, 78, 24, 40, 00, 07, 00, 00, 00, 2C, 24, 40, 00... 
[+]

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

1.6 MB (1,699,840 bytes)

Scan dia-poatch.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.