» readcube-setup.exe
Overview
Analysis
File Details
Downloads (3)

readcube-setup.exe

Labtiva, Inc

This is a self-extracting archive and installer. The file has been seen being downloaded from doc-0s-b4-docs.googleusercontent.com and multiple other hosts.

File name:

readcube-setup.exe

Publisher:

Labtiva, Inc (signed and verified)

Version:

2. 0. 12. 0

MD5:

ba699d3de74ddf0735100cc2818eddf4

SHA-1:

972a2893e0b8b65e3cfaec5198b8d36b688e585c

SHA-256:

29c094d5370e8f73242ecbe7b78f0bb8e721ea538b4e89cece42967d037fb260

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/18/2024 4:04:04 PM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Malware.XPACK/RDM!5.1

23.00.65.14519

Total Defense

Win32/Tnega.AQPV

37.0.10660

File size:

17.9 MB (18,753,808 bytes)

Product version:

2. 0. 12. 0

Labtiva, Inc.

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\readcube-setup.exe

Digital Signature

Signed by:

Labtiva, Inc

Authority:

GlobalSign nv-sa

Valid from:

5/9/2011 1:37:48 PM

Valid to:

5/9/2014 12:12:35 PM

Subject:

E=account@labtiva.com, CN="Labtiva, Inc", O="Labtiva, Inc", L=Cambridge, S=MA, C=US

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000012FD63921A4

File PE Metadata

Compilation timestamp:

12/22/2011 7:26:30 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

393216:TzfHZ4N2l9VxJnnz6QQQPfg5NvFY90UHmiDkth+Jesjm3D9GxUp2U:TD54E9z6QfPav2TH7Dktc+DIUp2U

Entry address:

0xCB10

Entry point:

55, 8B, EC, 81, EC, BC, 03, 00, 00, 56, 6A, 00, FF, 15, 94, 10, 41, 00, 89, 85, 84, FE, FF, FF, C7, 85, 98, FE, FF, FF, 00, 00, 00, 00, C7, 45, F8, 01, 00, 00, 00, C7, 85, B0, FE, FF, FF, 00, 00, 00, 00, FF, 15, F4, 10, 41, 00, A3, 70, 68, 41, 00, 68, 04, 01, 00, 00, 68, B8, 6E, 41, 00, 6A, 01, 8B, 85, 84, FE, FF, FF, 50, FF, 15, 90, 11, 41, 00, 6A, 08, 68, 9C, 6C, 41, 00, 6A, 11, 8B, 8D, 84, FE, FF, FF, 51, FF, 15, 90, 11, 41, 00, 68, C8, 00, 00, 00, 8D, 95, B8, FE, FF, FF, 52, 68, 9C, 6C, 41, 00, E8, FD... 
[+]

Entropy:

7.9988

Developed / compiled with:

Microsoft Visual C++

Code size:

63 KB (64,512 bytes)

The file readcube-setup.exe has been seen being distributed by the following 3 URLs.

https://doc-0s-b4-docs.googleusercontent.com/docs/securesc/nc1v7h1km5s849mm3rpi41nfdnj9mc0j/rhn92tvq17d9699663h2c3pd7uptqorn/1477404000000/.../02308013385844553587/0B7TX5rtBV7BNQnNxU1BzQUVTMVE?e=download

http://download.readcube.com/desktop/.../ReadCube-Setup.exe

Scan readcube-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.