home

etsafebit-install.exe

EAST-TEC SRL

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
East-Tec  (signed by EAST-TEC SRL)

Description:
east-tec SafeBit Installation Program

Version:
1.9

MD5:
a051637fc5d11d09e4d416a5f19c0c9a

SHA-1:
90a5368bf760140ef9d1d3148574cb6216874afc

SHA-256:
6cb6bfe313a482a693f95c074bebfae5195ffd379094aad6a8962a174406962b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:27:00 PM UTC  (today)

File size:
2.6 MB (2,729,064 bytes)

Copyright:
Copyright(C) 2013 East-Tec

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\etsafebit-install.exe

Digital Signature
Signed by:
EAST-TEC SRL

Authority:
COMODO CA Limited

Valid from:
10/10/2012 5:30:00 AM

Valid to:
10/11/2013 5:29:59 AM

Subject:
CN=EAST-TEC SRL, O=EAST-TEC SRL, STREET="Str. Balogh Istvan, Nr. 17", L=Oradea, S=Bihor, PostalCode=410238, C=RO

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EE3FDC79BBA9FA7A9A27D319346BD822

File PE Metadata
Compilation timestamp:
8/16/2007 11:43:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
49152:P65qjJ3ibK70BWIkoEZt9/v+oAx0V+7FAEb/Hshi7p50/7EAprk2/:7jJpKQLt9/hu17eeshvTEYL

Entry address:
0x1000

Entry point:
55, 8B, EC, 81, EC, 7C, 05, 00, 00, 53, 56, 57, BE, 04, 01, 00, 00, 56, 8D, 85, 90, FD, FF, FF, 33, DB, 50, 53, 89, 5D, F4, FF, 15, 38, 20, 40, 00, 56, 8D, 85, 90, FD, FF, FF, 50, 50, FF, 15, 34, 20, 40, 00, 8B, 3D, 30, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 68, 00, 00, 00, 80, 8D, 85, 90, FD, FF, FF, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 82, 01, 00, 00, 8D, 85, 8C, FC, FF, FF, 50, 56, FF, 15, 2C, 20, 40, 00, 8D, 85, 94, FE, FF, FF, 50, 53, 68, 58, 20, 40, 00, 8D, 85, 8C, FC, FF, FF, 50, FF, 15, 28...
 
[+]

Entropy:
7.9960

Developed / compiled with:
Microsoft Visual C++

Code size:
1024 Bytes (1,024 bytes)

The file etsafebit-install.exe has been seen being distributed by the following 5 URLs.

http://gsf-cf.softonic.com/90a/536/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69677921&instance=softonic_en&type=PROGRAM&Expires=1487985065&Signature=Jdbb6kFxIm570aT7ukpe9PUuNTm2OzA83Rj9ggIQ-KVMBU5gShpL3O7uKzcHBJ6tAoM6hDM9R-Nw6xa2odpbAop~QnO7yl41qK2ZUTMmXqTG88xF9jGJFbcPuaXtt5xKDStpz-0~~UQlijQVGceIk7GJw~oRe5RoGqvCbrN1Rqs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=etsafebit-install.exe

http://gsf-cf.softonic.com/90a/536/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69677921&instance=softonic_en&type=PROGRAM&Expires=1437436912&Signature=Rxux3gj0QW7j1exEVmPp317C0ZlsKJKlJnrHaFUCW6L13iS6kC4neTwuM7pN6cc-5JeujUru49sDSnY0w~y9wQy1JqL6UM~qwYI8arexamVcE7kOLJ7TAaNpC~cm2dZgF0qHCWXkbmiWmkopudQwZUv7Z5ZAGXZelRTStXg6umI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=etsafebit-install.exe

http://download.east-tec.com/.../etsafebit-install.exe

http://sharewareonsale.com/shop?download_file=594408&order=wc_order_537b5a73d5aa4&email=sharewareonsale@zoso.33mail.com&key=056ab0f2271bb79a9802dd630780ee07

https://sharewareonsale.com/?download_file=594408&order=wc_order_537b5a73d5aa4&email=sharewareonsale@zoso.33mail.com&key=056ab0f2271bb79a9802dd630780ee07

Scan etsafebit-install.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.