home

viewer.exe

Private Certificate

This is a setup program which is used to install the application. The file has been seen being downloaded from s7262.chomikuj.pl and multiple other hosts.
Publisher:
RadiAnt DICOM Viewer  (signed by Private Certificate)

Product:
RadiAnt DICOM Viewer

Version:
0.30.4.656

MD5:
fd433d3a3cad8bc13551eb63b605eb61

SHA-1:
3abcf2b7285cb281b331ca07fd85e59550fcd342

SHA-256:
38caf474ade5541dbaaa8680781e2989834d1b44d252d5dff6336a88157e9867

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 1:03:52 AM UTC  (today)

File size:
859.3 KB (879,888 bytes)

Product version:
0.30

Copyright:
Copyright (C) 2009-2011 RadiAnt Team

Original file name:
RadiAntViewer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:
Private Certificate

Authority:
Unizeto Technologies S.A.

Valid from:
7/22/2010 2:51:07 PM

Valid to:
7/23/2011 2:51:07 PM

Subject:
E=info@radiantviewer.com, CN=Maciej Frankiewicz, OU=Unizeto CERTUM (r) Certificates, O=Private Certificate, C=PL

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
070C2D

File PE Metadata
Compilation timestamp:
2/18/2011 2:28:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:KQP7I4U1kdZm9Xg9c9SGz5dNgYKpx9OvCWcDoF:K1bwm9Jt/gYKf9OaWlF

Entry address:
0x4F0BC

Entry point:
E8, 38, 05, 00, 00, E9, 6B, FD, FF, FF, 6A, 14, 68, 58, 7F, 46, 00, E8, 7E, 04, 00, 00, FF, 35, 44, 86, 47, 00, 8B, 35, 34, 41, 45, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, B4, 41, 45, 00, 59, EB, 64, 6A, 08, E8, A5, 05, 00, 00, 59, 83, 65, FC, 00, FF, 35, 44, 86, 47, 00, FF, D6, 89, 45, E4, FF, 35, 40, 86, 47, 00, FF, D6, 89, 45, E0, 8D, 45, E0, 50, 8D, 45, E4, 50, FF, 75, 08, 8B, 35, 30, 41, 45, 00, FF, D6, 50, E8, 6B, 05, 00, 00, 83, C4, 0C, 89, 45, DC, FF, 75, E4, FF, D6, A3, 44...
 
[+]

Code size:
330 KB (337,920 bytes)

The file viewer.exe has been seen being distributed by the following 2 URLs.

http://s7262.chomikuj.pl/File.aspx?e=NVj5kXOz9TaU_19XVG9NDkXx1NTK-zKJeY6Idc2QvlIUOCG00wM1I0vOox8bSq4AcLy1W_--Rvy27UGVqPtsHz-XxyvtlzCAYPoP8IVm7PV9H_wbhpq0R7aUqwDNk2OJN-EZI_AwkVVsfak4I8pyWg&pv=2

http://poczta.onet.pl/download.html?kid=20493668

Scan viewer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.