home

era17downloader1700.exe

Downloader

Sierra Technology Group S.A.

Publisher:
Sierra Technology Group SA - Rivera Indarte 565 - Buenos Aires - Argentina  (signed by Sierra Technology Group S.A.)

Product:
Downloader

Version:
3.0.4.110

MD5:
426da09d0b873c089b4dfeb103e2f1de

SHA-1:
c0a51f405ed8386bccb4b33624b01f6b9837f8d9

SHA-256:
bb5e1e506dc35059d84dce5237d058ce1960350e5fe7d3a0004339ff297a9b4e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/12/2025 11:20:38 AM UTC  (today)

File size:
4.4 MB (4,636,376 bytes)

Product version:
3.0

Copyright:
Copyright © Sierra, 2014. All Rights Reserved

Trademarks:
Sierra Technology Group S.A.

Original file name:
Downloader

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\era17downloader1700.exe

Digital Signature
Signed by:
Sierra Technology Group S.A.

Authority:
Thawte, Inc.

Valid from:
9/24/2014 8:00:00 PM

Valid to:
10/20/2016 7:59:59 PM

Subject:
CN=Sierra Technology Group S.A., O=Sierra Technology Group S.A., L=Buenos Aires, S=Capital Federal, C=AR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
41CE1E79A0D5096D15FB0E610AF79BDA

File PE Metadata
Compilation timestamp:
11/4/2014 12:35:42 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:/l0FpwcXum+8VBqS9EIlS5IRhy83taIw/n2s+90xzWFGEx4ygJVTERqry3pV/:/Mpwcem+nZMhy83irOz

Entry address:
0x3C9934

Entry point:
55, 8B, EC, 83, C4, F0, B8, FC, 9B, 7B, 00, E8, 78, 4B, C4, FF, A1, 0C, 56, 7D, 00, 8B, 00, E8, B4, 58, E3, FF, A1, 0C, 56, 7D, 00, 8B, 00, BA, C0, 99, 7C, 00, E8, DF, 52, E3, FF, 8B, 0D, A0, 52, 7D, 00, A1, 0C, 56, 7D, 00, 8B, 00, 8B, 15, 7C, 73, 7B, 00, E8, A3, 58, E3, FF, A1, A0, 52, 7D, 00, 8B, 00, E8, 73, EB, FE, FF, 84, C0, 74, 24, A1, A0, 52, 7D, 00, 8B, 00, E8, 63, 09, E3, FF, A1, A0, 52, 7D, 00, 8B, 00, E8, 6F, FA, FE, FF, A1, 0C, 56, 7D, 00, 8B, 00, E8, CB, 59, E3, FF, E8, DA, F6, C3, FF, 00, 00...
 
[+]

Entropy:
6.5609

Developed / compiled with:
Microsoft Visual C++

Code size:
3.8 MB (3,964,928 bytes)

The file era17downloader1700.exe has been seen being distributed by the following URL.

http://www.d-era.com/design_era/.../srv_liveupdate_get.asp?id=17&file=DE17Downloader1700.exe

Scan era17downloader1700.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.