home

tc00243900a.exe

TOSHIBA CORPORATION

This is a setup program which is used to install the application. This is installed with multiple programs including TOSHIBA Upgrade Assistant and Toshiba Upgrade Assistant for Microsoft Windows 7. The file has been seen being downloaded from d2.driverscollection.com and multiple other hosts.
Publisher:
TOSHIBA CORPORATION  (signed and verified)

MD5:
a4e26e2246b04d4a38c0748fed7f01af

SHA-1:
606f66097c8aa27af9414077ee3a540927348cb6

SHA-256:
0101d3df4a76697c1b8b07dcfe292d9af028fbdf57a4d6debc2c40b9a2670b83

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:11:08 AM UTC  (today)

File size:
6.3 MB (6,614,264 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\2.0.0.1\tc00243900a.exe

Digital Signature
Signed by:
TOSHIBA CORPORATION

Authority:
VeriSign, Inc.

Valid from:
5/7/2009 1:00:00 AM

Valid to:
5/8/2010 12:59:59 AM

Subject:
CN=TOSHIBA CORPORATION, OU=TOSHIBA CORPORATION, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TOSHIBA CORPORATION, L="1-1 Shibaura, 1-chome, Minato-ku", S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
41369CAD5B75B96FADA9F10CD65979C2

File PE Metadata
Compilation timestamp:
7/7/2009 1:21:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:m8jmC3Cnmp9umxfZ+IlJzr1Uz7EFAzMCE5Lsp:/53CmuAR+IlJzrONbisp

Entry address:
0x8255

Entry point:
E8, 82, 26, 00, 00, E9, 17, FE, FF, FF, 8B, 44, 24, 04, 85, C0, 56, 8B, F1, C6, 46, 0C, 00, 75, 63, E8, 51, 11, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, A0, E7, 41, 00, 74, 12, 8B, 0D, BC, E6, 41, 00, 85, 48, 70, 75, 07, E8, 22, 30, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, C0, E5, 41, 00, 74, 16, 8B, 46, 08, 8B, 0D, BC, E6, 41, 00, 85, 48, 70, 75, 08, E8, C3, 28, 00, 00, 89, 46, 04, 8B, 46, 08, F6, 40, 70, 02, 75, 14, 83, 48, 70, 02, C6, 46, 0C, 01, EB, 0A, 8B, 08, 89, 0E...
 
[+]

Entropy:
7.9829  (probably packed)

Code size:
92 KB (94,208 bytes)

The file tc00243900a.exe has been discovered within the following programs.

TOSHIBA Upgrade Assistant  by TOSHIBA Corporation
www.Toshibapc.com
11% remove it
Toshiba Upgrade Assistant for Microsoft Windows 7  by TOSHIBA Corporation
12% remove it
 
Powered by Should I Remove It?

The file tc00243900a.exe has been seen being distributed by the following 5 URLs.

https://d2.driverscollection.com/1d3f79150419914/86fec01c26c1132bdfce93c966e176cf3a2ad0d217700cfe922fa3b1417e48875a70b9749a9b45cbadedf72b7876d07a57fb9174/2/164/43/.../util_hdmi_control_TC00243900A.exe

https://d2.driverscollection.com/77b4f7153d13/153c9025c351440189d3deb10a5c99a1bd9aaef8e4d048529d77d9fbaec01db281426098340c9bfb946818c24f59e74357f9c19e/2/164/43/.../util_hdmi_control_TC00243900A.exe

https://d2.driverscollection.com/1247ac98fd61f0aa/0070cda1e69e8a29ef4aeaaca420917621e79a31921a22fbf912b23fa21d0559bdc97613bf4b37b85e0eccaa17f636795746083b/2/164/43/.../util_hdmi_control_TC00243900A.exe

http://cdgenp01.csd.toshiba.com/content/support/.../util_hdmi_control_TC00243900A.exe

http://bds.tjpntuw.updates.toshiba.com/Downloads/Production/tjpntuw/2009/09/.../233219_23.02.48.TC00243900A.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.