» isignum.exe
Overview
Analysis
File Details
Downloads (1)

isignum.exe

DIGNITA, s.r.o.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.postsignum.cz.

File name:

isignum.exe

Publisher:

DIGNITA, s.r.o. (signed and verified)

MD5:

af030e3941b83860f7d1a668791c7ac0

SHA-1:

ef03262da5c3fca3a4a01cc4766eac2b01d26167

SHA-256:

3c1ccc96c9aa12294ec18a6d54680c46b860ea4d10eae1da9aa455f3300c6b0a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 4:00:25 PM UTC (today)

File size:

2.9 MB (3,064,184 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\documents and settings\petrova\dokumenty\downloads\isignum.exe

Digital Signature

Signed by:

DIGNITA, s.r.o.

Authority:

Thawte, Inc.

Valid from:

5/15/2012 2:00:00 AM

Valid to:

5/16/2014 1:59:59 AM

Subject:

CN="DIGNITA, s.r.o.", OU=recomando.cz, O="DIGNITA, s.r.o.", L=Praha 1, S=PRAHA, C=CZ

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

6107865844A8B4C01105E59A997874ED

File PE Metadata

Compilation timestamp:

4/12/2013 11:41:32 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:KuqIgMO9h5Md4C9Fzb0W89QwtI22jei6JAXAqyCZKjiwjcjO6ZfymHlx/vpGa9E4:KrjMYMCC9hm9Qwt12jvMAQbTj1AjO6fh

Entry address:

0x4A98D0

Entry point:

60, BE, 00, 60, 5D, 00, 8D, BE, 00, B0, E2, FF, C7, 87, F4, 49, 22, 00, 8B, 19, D0, 4E, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46... 
[+]

Packer / compiler:

UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:

2.8 MB (2,965,504 bytes)

The file isignum.exe has been seen being distributed by the following URL.

https://www.postsignum.cz/files/.../iSignum.exe

Scan isignum.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.