home

logoninst-czv.exe

Aldingha B.V.B.A.

Publisher:
Aldingha B.V.B.A.  (signed and verified)

Version:
08.11.00.00

MD5:
e409e3b2e8721094f85d08d3888cdabe

SHA-1:
45891e57ba2083744dd2fe163a5112fd01d50a1d

SHA-256:
4c56bdb3650f1f90f511b0e9309aba153f6f962cfb1029dfde3bf9cdcefb0902

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 12:50:40 PM UTC  (today)

File size:
53.5 MB (56,076,064 bytes)

Product version:
08.11.00.00

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\logoninst-czv.exe.x6qcbsl.partial

Digital Signature
Signed by:
Aldingha B.V.B.A.

Authority:
thawte, Inc.

Valid from:
9/29/2015 2:00:00 AM

Valid to:
11/28/2016 12:59:59 AM

Subject:
CN=Aldingha B.V.B.A., OU=Aldingha BVBA, O=Aldingha B.V.B.A., L=Ouwegem, S=Oost-Vlaanderen, C=BE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
7FEE1A135D485BD0B59A265BC14A4D70

File PE Metadata
Compilation timestamp:
9/9/2016 11:39:00 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1572864:MufpUYtDiWfBpfpoEZAZBLOsC2Tam/KQ88:MaD5DolD1/Kq

Entry address:
0x5678C

Entry point:
55, 8B, EC, B9, 06, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, F0, 1A, 45, 00, E8, 9F, 39, FB, FF, 33, C0, 55, 68, 06, 6C, 45, 00, 64, FF, 30, 64, 89, 20, 33, C0, A3, 80, F0, 45, 00, A1, 34, 89, 45, 00, 33, D2, 89, 10, B3, 01, 33, C0, 55, 68, 01, 68, 45, 00, 64, FF, 30, 64, 89, 20, 68, 24, 6C, 45, 00, 6A, 0A, 8B, 0D, 24, 8A, 45, 00, 8B, 09, B2, 01, A1, 40, 3D, 43, 00, E8, 06, 6D, FE, FF, A3, 80, F0, 45, 00, 33, C0, 5A, 59, 59, 64, 89, 10, EB, 16, E9, FE, F1, FA, FF, 33, DB, A1, 80, F0, 45...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
342.5 KB (350,720 bytes)

The file logoninst-czv.exe has been seen being distributed by the following URL.

https://www.czvsupport.eu/.../logoninst-fr.exe

Scan logoninst-czv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.