home

topbankingsetup.exe

Banking 4W

Subsembly GmbH

This is a self-extracting archive and installer. The file has been seen being downloaded from subsembly.com.
Publisher:
Subsembly GmbH  (signed and verified)

Product:
Banking 4W

Description:
Banking 4W Setup

Version:
6.2.0.0

MD5:
5050664d342d2dfcb30dc0e212730a3a

SHA-1:
125b77624f7aa3c996e07980558360a2561aceb5

SHA-256:
da70a749ef451bcec7ce175ebb9b0e43cb71258988828cee3128c485d5b508c8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/29/2024 1:30:47 AM UTC  (today)

File size:
2.8 MB (2,967,336 bytes)

Product version:
6.2.0.0

Copyright:
Copyright © 2004-2016 Subsembly GmbH

Trademarks:
Subsembly® ist eine eingetragene Marke von Andreas Selle

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\appdata\local\temp\topbankingsetup.exe

Digital Signature
Signed by:
Subsembly GmbH

Authority:
GlobalSign nv-sa

Valid from:
1/16/2015 5:51:32 PM

Valid to:
4/16/2018 9:35:08 AM

Subject:
E=info@subsembly.com, CN=Subsembly GmbH, O=Subsembly GmbH, L=Muenchen, S=Bayern, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112146F040DA57586F4A6FE5F856E0D3543B

File PE Metadata
Compilation timestamp:
5/12/2016 3:32:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
49152:qtxFb7Pk3ZtQn36EtfRTCyo/A9Q5MAtvx6BMWdJAWQ5aIvMqvMNJ9wucR9teq8q7:qtxFbrXqKpTCv4afRWcWQ5aI0qvq9whJ

Entry address:
0x32F7

Entry point:
E8, 70, 02, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, 48, 3C, 03, C8, 0F, B7, 41, 14, 8D, 51, 18, 03, D0, 0F, B7, 41, 06, 6B, F0, 28, 03, F2, 3B, D6, 74, 19, 8B, 4D, 0C, 3B, 4A, 0C, 72, 0A, 8B, 42, 08, 03, 42, 0C, 3B, C8, 72, 0C, 83, C2, 28, 3B, D6, 75, EA, 33, C0, 5E, 5D, C3, 8B, C2, EB, F9, E8, 42, 07, 00, 00, 85, C0, 75, 03, 32, C0, C3, 64, A1, 18, 00, 00, 00, 56, BE, D8, 7B, 41, 00, 8B, 50, 04, EB, 04, 3B, D0, 74, 10, 33, C0, 8B, CA, F0, 0F, B1, 0E, 85, C0, 75, F0, 32, C0, 5E, C3, B0...
 
[+]

Code size:
57.5 KB (58,880 bytes)

The file topbankingsetup.exe has been seen being distributed by the following URL.

https://subsembly.com/.../TopBankingSetup.exe

Scan topbankingsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.