home

eid-quickinstaller-407-7438_tcm227-243552.exe

Belgium eID MiddleWare

FedICT

This is a setup and installation application. The file has been seen being downloaded from eid.belgium.be and multiple other hosts.
Publisher:
Belgian Government  (signed by FedICT)

Product:
Belgium eID MiddleWare

Description:
eID-QuickInstaller

Version:
3, 0, 1, 6184

MD5:
a9e5d1779879a3e16b05b9422ec32a49

SHA-1:
444c9dd6f28403ac2a7635b72276b2eb52d5997e

SHA-256:
c2552a53c091a544f25cb2d8fdc5329dc8eb9f7eaec07189ee323de5cd304ee2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 9:41:24 PM UTC  (today)

File size:
44.1 MB (46,259,704 bytes)

Product version:
3.0

Copyright:
Copyright (C) 2009 - 2010

Original file name:
eID-QuickInstaller.exe

File type:
Executable application (Win32 EXE)

Language:
Ducth (Netherlands)

Common path:
C:\users\{user}\downloads\eid-quickinstaller-407-7438_tcm227-243552.exe

Digital Signature
Signed by:
FedICT

Authority:
Certipost s.a./n.v.

Valid from:
11/30/2011 11:55:10 AM

Valid to:
11/30/2016 11:55:10 AM

Subject:
E=eid@fedict.be, L=Brussel, O=FedICT, C=BE, CN=FedICT - BE0367302178

Issuer:
CN=Certipost E-Trust Secondary Normalised CA for SSL and Code, O=Certipost s.a./n.v., C=BE

Serial number:
01000000000133F40DFE36796A57

File PE Metadata
Compilation timestamp:
2/5/2014 11:24:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
786432:RF1+qnQuVlCfF3mCCV4eu7u9rJ1oAfFvCuFRuXxvaKfcgV5bBRCiRrRcaHwx:R3+qnQuV8fgCgIu9rJdfFvCuFYXUKkMY

Entry address:
0x45AB86

Entry point:
E8, 59, 04, 00, 00, E9, 39, FD, FF, FF, 3B, 0D, 20, 17, B6, 00, 75, 02, F3, C3, E9, D9, 04, 00, 00, CC, FF, 25, BC, B4, 8A, 00, FF, 25, C0, B4, 8A, 00, FF, 25, C4, B4, 8A, 00, FF, 25, C8, B4, 8A, 00, 6A, 10, 68, 48, 01, B2, 00, E8, 70, 01, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B, 45, 10, 7D, 13, 8B, 75, 08, 8B, CE, FF, 55, 14, 03, 75, 0C, 89, 75, 08, FF, 45, E4, EB, E5, C7, 45, E0, 01, 00, 00, 00, C7, 45, FC, FE, FF, FF, FF, E8, 08, 00, 00, 00, E8, 77, 01, 00, 00, C2, 14, 00, 83...
 
[+]

Entropy:
7.8677  (probably packed)

Code size:
4.7 MB (4,890,624 bytes)

The file eid-quickinstaller-407-7438_tcm227-243552.exe has been seen being distributed by the following 2 URLs.

http://eid.belgium.be/fr/.../eID-QuickInstaller-407-7438_tcm226-243552.exe

http://eid.belgium.be/nl/.../eID-QuickInstaller-407-7438_tcm227-243552.exe

Scan eid-quickinstaller-407-7438_tcm227-243552.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.