home

SuhtlusPilvSetup.exe

Suhtlus Pilv

Storegate AB

This is a setup and installation application. The file has been seen being downloaded from secure1.suhtlus.ee.
Publisher:
Eesti Telekom  (signed by Storegate AB)

Product:
Suhtlus Pilv

Version:
1.2.6.1782

MD5:
56ce331bde779e29fbca0bc9cc2eaf71

SHA-1:
01d5b2b520676aa658491129b5dd5e691109bdd0

SHA-256:
613c8d24a4dc9b122e241ba5abcd2a2360f433f43a5cd2d437e74b18c4391a98

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:20:35 PM UTC  (today)

File size:
19.5 MB (20,480,368 bytes)

Product version:
1.2.6.1782

Copyright:
Copyright © Storegate 2008-2015

Original file name:
SuhtlusPilvSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\junk\suhtluspilvsetup.exe

Digital Signature
Signed by:
Storegate AB

Authority:
COMODO CA Limited

Valid from:
1/7/2014 2:00:00 AM

Valid to:
1/8/2016 1:59:59 AM

Subject:
CN=Storegate AB, OU=Storegate AB, O=Storegate AB, STREET=Pirgatan 13, L=Karlshamn, S=Blekinge, PostalCode=37435, C=SE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0F6D89E1BC449B4458BB83CC7D40C84B

File PE Metadata
Compilation timestamp:
10/6/2014 9:03:33 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
393216:zgsYHjqUCh+CsYsgv6Xm8fcGgWLPITbLx+lCiwO9DTCeRE1KmD:zgsWjqLh+CsY0gG1yzFO96eW8A

Entry address:
0x29283

Entry point:
E8, FC, 39, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 00, 20, 46, 00, 75, 02, F3, C3, E9, 85, 41, 00, 00, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 5C, 3F, 46, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 60, 20, 46, 00, 01, 0F, 82, 3A, 42, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03...
 
[+]

Code size:
270.5 KB (276,992 bytes)

The file SuhtlusPilvSetup.exe has been seen being distributed by the following URL.

https://secure1.suhtlus.ee/Public/Sync/.../SuhtlusPilvSetup.exe

Scan SuhtlusPilvSetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.