» drh2013d.exe
Overview
Analysis
File Details
Programs (1)
Downloads (2)

drh2013d.exe

Peter A. Gebhard Softwareentwicklung

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from files.downloadnow.com and multiple other hosts.

File name:

drh2013d.exe

Publisher:

Peter A. Gebhard (signed by Peter A. Gebhard Softwareentwicklung)

Description:

Dr. Hardware 2013 Setup

MD5:

32c94b4a66d727062f67194675c190c8

SHA-1:

de1ad29ea05692af046f19c20c566a03ed2c2e0f

SHA-256:

55b27e834f44cc393d0e4b6751cebc9a26c7e2c123aa96084ca54994385fb413

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 8:01:43 AM UTC (today)

File size:

3.2 MB (3,326,496 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

English (United States)

Digital Signature

Signed by:

Peter A. Gebhard Softwareentwicklung

Authority:

GlobalSign nv-sa

Valid from:

7/26/2010 6:17:52 PM

Valid to:

7/26/2013 6:17:50 PM

Subject:

E=infomail1@dr-hardware.com, CN=Peter A. Gebhard Softwareentwicklung, O=Peter A. Gebhard Softwareentwicklung, C=DE

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000012A0FA49004

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:5dda1Hy+6ejsyHsS2ydN9xZ55SAK8fxuC2Do4OQMpV8rXA:Lk1PlAwsS2gN9xEA9pmDZOxpcXA

Entry address:

0x97F0

Entry point:

55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, D6, 98, FF, FF, E8, DD, AA, FF, FF, E8, 00, CD, FF, FF, E8, 47, CD, FF, FF, E8, 3E, F3, FF, FF, E8, A5, F4, FF, FF, 33, C0, 55, 68, 9A, 9E, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 50, 9E, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 5A, FA, FF, FF, 8D, 55, F0, 33, C0, E8, C0, D1, FF, FF, 8B, 55, F0, B8, D4, BD, 40, 00, E8, 87, 99, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D4, BD, 40, 00, B2, 01, B8... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

36 KB (36,864 bytes)

The file drh2013d.exe has been discovered within the following program.

QuickTime by Apple Inc.

QuickTime is an extensible multimedia framework capable of handling various formats of digital video, picture, sound, panoramic images, and interactivity.

www.apple.com/quicktime

6% remove it

The file drh2013d.exe has been seen being distributed by the following 2 URLs.

http://files.downloadnow.com/s/software/13/17/65/.../drh2013d.exe

http://software-files-a.cnet.com/s/software/13/17/65/.../drh2013d.exe

Scan drh2013d.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.