home

ztequalcommwriter_v6.exe

DTZTEFDW

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from s6117.chomikuj.pl and multiple other hosts.
Publisher:
UAB Digiteka  (signed by UAB ”DIGITEKA”)

Product:
DTZTEFDW

Description:
ZTE Firmware writer

Version:
0.0.0.6

MD5:
8d8498dd37c13dd7cd4a485940d95f56

SHA-1:
971e457f424fe448ccb2b6b4ca02cc323c7fde34

SHA-256:
2865759d9c874a3ed606bff839d8b229ab663c453ee5050bac95ded8ab26dfe4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 3:25:42 AM UTC  (today)

File size:
7.2 MB (7,509,648 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\ztequalcommwriter_v6.exe

Digital Signature
Signed by:
UAB ”DIGITEKA”

Authority:
StartCom Ltd.

Valid from:
1/2/2013 10:51:01 AM

Valid to:
1/3/2016 8:41:22 PM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
6/6/2013 11:39:56 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:5y6SJUMwGTEBk5oO9cpaxftK3iH6IO53pJd5jIA4kK:5rSJUC3WRpDyH6n5/jBM

Entry address:
0xFB52E8

Entry point:
E9, 12, 2C, 00, 00, 22, 8B, C7, 01, A1, 95, B1, BE, 25, DA, 9F, 5D, 08, DE, 31, 40, 72, 07, BB, 9B, 44, BE, EC, 55, 51, DD, EE, DC, B2, CC, 27, 03, BB, 96, 5D, 7D, 5E, 7C, D6, 05, 3D, 52, F3, 92, 5A, DC, A2, 98, F2, 60, 3F, 0C, 7E, 6D, CB, 98, 4A, 78, C9, 92, F3, B6, 80, 92, 75, AA, EC, 6E, 8D, D9, 31, 4C, 03, 04, 31, 87, 73, 70, E5, CE, C5, 45, 5F, 8A, 87, 4F, 33, 06, 3C, C9, E0, C3, 82, 50, C8, 81, 62, 70, 11, 0C, 69, 7B, EF, D0, 0F, 2A, 5B, 56, 2C, 3D, DA, 09, E1, AC, DC, 07, 20, 9B, 50, 30, CD, 74, E5...
 
[+]

Entropy:
7.8758

Packer / compiler:
Xtreme-Protector v1.05

Code size:
3.4 MB (3,518,464 bytes)

The file ztequalcommwriter_v6.exe has been seen being distributed by the following 2 URLs.

http://s6117.chomikuj.pl/File.aspx?e=1IYvqUSB1VadiOET9IBoANbb2Z4l-GK94YmGLKPmjfAafaPRX-BDDa1jf8-yzeFFAUY14RrxEC3Ct8NwVTTI09ceFmoL8uhz6L-vIHLPGDId7IMZUYKbPuMrNxyh7ItYwQq3HWUGaNFpai5sNlreXrydJrvlcNVR2IPVAdUNcXY&pv=2

https://www.dc-unlocker.com/.../ZTEQualcommWriter_V6.exe

Scan ztequalcommwriter_v6.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.