home

onlineinstallerwin.exe

Dacuda AG

Publisher:
Dacuda AG  (signed and verified)

MD5:
aeebbff32d10d8d8c18207a5717a29d3

SHA-1:
12056eeb68d78d9671fe684d0a1dd136d11b8b0d

SHA-256:
b57068ffa2b408e6115d40f7060a5dc3f9e558b2b9b8cc3c3dac1df52fd99a19

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/18/2024 1:50:15 PM UTC  (today)

File size:
2 MB (2,046,568 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\onlineinstallerwin.exe

Digital Signature
Signed by:
Dacuda AG

Authority:
COMODO CA Limited

Valid from:
8/27/2012 7:00:00 AM

Valid to:
8/28/2014 6:59:59 AM

Subject:
CN=Dacuda AG, O=Dacuda AG, STREET=Badenerstrasse 141, L=Zürich, PostalCode=8004, C=CH

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00831D91826585103EC126E240BA7D2BFD

File PE Metadata
Compilation timestamp:
11/28/2013 4:30:00 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:/GiEIUzfM9X0Nryv24SjV4u4r9QW9o+WG4p+riMuYM2Q9brW3sv/FSZeL1ou7o5M:NEIDk74rWKBuT2QU3snA2C5HUcA

Entry address:
0x10FC9F

Entry point:
E8, DA, 0B, 00, 00, E9, D7, FC, FF, FF, CC, FF, 25, 4C, C6, 53, 00, FF, 25, 48, C6, 53, 00, FF, 25, 44, C6, 53, 00, FF, 25, C0, C5, 53, 00, FF, 25, C0, C7, 53, 00, FF, 25, 40, C6, 53, 00, FF, 25, 3C, C6, 53, 00, FF, 25, 38, C6, 53, 00, FF, 25, 34, C6, 53, 00, FF, 25, 30, C6, 53, 00, FF, 25, 2C, C6, 53, 00, FF, 25, 28, C6, 53, 00, FF, 25, 24, C6, 53, 00, FF, 25, 20, C6, 53, 00, FF, 25, 1C, C6, 53, 00, FF, 25, 18, C6, 53, 00, FF, 25, 14, C6, 53, 00, FF, 25, 10, C6, 53, 00, FF, 25, 0C, C6, 53, 00, FF, 25, 08...
 
[+]

Entropy:
6.4324

Code size:
1.2 MB (1,287,680 bytes)

The file onlineinstallerwin.exe has been seen being distributed by the following URL.

http://download.dacuda.com/OnlineInstallerWin.exe

Scan onlineinstallerwin.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.