» varicad2016-1.06-en.exe
Overview
Analysis
File Details
Downloads (14)

varicad2016-1.06-en.exe

VARICAD SPOL. S.R.O.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.

File name:

Publisher:

VARICAD SPOL. S.R.O. (signed and verified)

MD5:

4cff3d46c81b9fac927913d0b57e9526

SHA-1:

e66ae5239b72771b16d3d8e72f06964545aa0eae

SHA-256:

eec2a212fbdca9471b982efe096b7abfbcc20e6d4704dbc358f30bca3d7b6c7a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/5/2024 7:12:28 PM UTC (today)

File size:

74.9 MB (78,523,040 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\varicad2016-1.06-en.exe

Digital Signature

Signed by:

VARICAD SPOL. S.R.O.

Authority:

thawte, Inc.

Valid from:

3/7/2016 9:00:00 PM

Valid to:

11/2/2016 9:59:59 PM

Subject:

CN=VARICAD SPOL. S.R.O., OU=IT, O=VARICAD SPOL. S.R.O., L=Liberec, S=Liberec, C=CZ

Issuer:

CN=thawte SHA256 Code Signing CA - G2, O="thawte, Inc.", C=US

Serial number:

48276A304A36E3C31538A4683D740CAC

File PE Metadata

Compilation timestamp:

4/10/2010 9:19:38 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1572864:bHQwBFrVMYtaB8auaH8aD5ZaxaIh0FZ/tdleN6C7Nd8nNU6tTwwHa+r:bHLLrVMaaB8avH845AoIh2hs7NdAXHaO

Entry address:

0x3415

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 70, 85, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, B3, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, B2, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 6C, 85, 40, 00, FF, 15, 80, 81, 40, 00, 68, 54, 85, 40, 00, 68, A0, 32, 47, 00, E8, 35, 26, 00, 00, FF, 15, B0, 80, 40, 00, 50, BF, A0, C0, 4C, 00, 57, E8, 23, 26, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

26 KB (26,624 bytes)

The file varicad2016-1.06-en.exe has been seen being distributed by the following 14 URLs.

http://lb.cdn.m6web.fr/d/c/a/8103707d41c8ba75f0d2ab5d9bc4074f/587762ee/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/49575730964fdf77be43804d3efc2e7b/5832daf3/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/4f206f39d3d812efaba025d468de2dae/57865be3/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/53df8dd7d5831c7e678cd2d3608f11d8/585dc9c7/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/f716fdec8f795b235daa56689d19b5cf/5800ec17/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/765ccea34e3bc1de9f1af5992a2788d9/58188b10/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/738a6228cc57d7ca8fce2c24e362a8f7/57f93e03/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/a4d862039c9cbd2564568f329afaa70e/581df8e6/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/744fe39c9288f493c2aeb6c7d70f64a5/5831dbea/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/634536e70a4f0013ba5d53cd7c17fb96/57e5364c/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/1ef5f9d07c6e534762a86e9398821324/57752843/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/e1a8b9df9209b0a9390daa6f2a5de19f/580d542a/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/4a65026cee85bb95322ae0ed3144347f/580e237c/soft/.../varicad-2016_1-06_fr_126066.exe

http://lb.cdn.m6web.fr/d/c/a/e2ba6265f9ea3e4cc06ea2ef35fee332/583c21aa/soft/.../varicad-2016_1-06_fr_126066.exe

Scan varicad2016-1.06-en.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.