home

ztequalcommwriter_v9.exe

DTZTEFDW

UAB ”DIGITEKA”

This is a setup program which is used to install the application. The file has been seen being downloaded from www.dc-unlocker.com.
Publisher:
UAB Digiteka  (signed by UAB ”DIGITEKA”)

Product:
DTZTEFDW

Description:
ZTE Firmware writer

Version:
0.0.0.9

MD5:
200617ccfc0fdc2af609e0fef5d7e7e6

SHA-1:
4ec2054a892ec51a7e05ecb55d570b0428f327f8

SHA-256:
5fbc0141d373e33dae81aa8865814fb60cd951091471cc56c0ca067d39d3ed08

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 1:56:52 PM UTC  (today)

File size:
8.1 MB (8,507,024 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Lithuanian (Lithuania)

Common path:
C:\users\{user}\downloads\programs\ztequalcommwriter_v9.exe

Digital Signature
Signed by:
UAB ”DIGITEKA”

Authority:
StartCom Ltd.

Valid from:
1/2/2013 1:51:01 AM

Valid to:
1/3/2016 11:41:22 AM

Subject:
E=manager@digiteka.lt, CN=UAB ”DIGITEKA”, O=UAB ”DIGITEKA”, L=Panevėžys, S=Panevezio Apskritis, C=LT, Description=BQlAnZSt091y56bp

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
085A

File PE Metadata
Compilation timestamp:
9/3/2013 3:29:03 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:RHiXe2fLPJvTUPjsHqw4NKMUDBwvzC1MFbXYU:xiDfLAed4gMzvzmMFboU

Entry address:
0x119BBA2

Entry point:
50, 9C, C7, 44, 24, 04, FC, 36, 00, D2, 60, 8D, 64, 24, 24, 0F, 84, 9F, 1F, 99, FF, 9C, C7, 04, 24, F6, E0, BE, 9E, 60, 8D, 64, 24, 20, E9, 45, 1E, 00, 00, 5F, C4, 06, 77, 66, 9B, F5, D8, B3, 6C, 67, 54, B5, 5A, C7, 70, 32, E7, AD, 98, 88, AB, 7F, A6, 59, FA, 3C, D1, 46, FD, 31, E2, 58, D9, 7A, DB, E5, 92, A1, FD, 4C, 04, 3E, E7, E2, C7, 9A, 3F, C2, 6E, 7F, F3, 41, C7, 7F, EB, EA, 96, F1, 22, 18, 01, 23, A6, 62, 0B, E7, EF, F3, 4A, EA, F4, 58, 35, 7E, B1, 49, 09, D0, 71, 6E, 32, EB, 27, 3A, 39, 50, D2, A8...
 
[+]

Entropy:
7.8778  (probably packed)

Code size:
3.4 MB (3,525,120 bytes)

The file ztequalcommwriter_v9.exe has been seen being distributed by the following URL.

https://www.dc-unlocker.com/.../ZTEQualcommWriter_V9.exe

Scan ztequalcommwriter_v9.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.