home

1e3f700d-57b2-471e-9296-c665a30dbb6e.exe

GS911Installer Application

HEX Code

This is a setup and installation application. The file has been seen being downloaded from www.hexcode.co.za.
Publisher:
HEX Code  (signed and verified)

Product:
GS911Installer Application

Description:
GS-911 Downloader

Version:
1, 0, 0, 2

MD5:
3ff333fe4b9581e68a9da8bb5e8ce3b7

SHA-1:
88060290a2c73d81b5ac6a4c4f770da0cec52abf

SHA-256:
9b27bd1ec8cd72653df3d0f8fbb5f5a688b3edf983fb34d99f6e7ac3ed378d57

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/8/2024 11:37:03 AM UTC  (today)

File size:
4.7 MB (4,972,352 bytes)

Product version:
1, 0, 0, 2

Copyright:
Copyright (C) 2012

Trademarks:
GS-911

Original file name:
GS911Installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (Rep. Poludniowej Afryki)

Common path:
C:\users\{user}\downloads\1e3f700d-57b2-471e-9296-c665a30dbb6e.exe

Digital Signature
Signed by:
HEX Code

Authority:
VeriSign, Inc.

Valid from:
11/1/2011 1:00:00 AM

Valid to:
11/1/2013 12:59:59 AM

Subject:
CN=HEX Code, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=HEX Code, L=Stellenbosch, S=Western Cape, C=ZA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3801551A671C73CF7A833A96D33B4546

File PE Metadata
Compilation timestamp:
3/26/2013 10:05:04 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:16JBmj6eq68z90WWxCaGBlWns2NJeksmd3tSiWrcr0d8ZKiZQj0WhNzFh28:YbmjbqLmWWnsCWmd9SiW4Qd/iuDL5

Entry address:
0x2C23A

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, B6, 20, 88, 00, 03, ED, 3E, CA, 22, 48, E1, 75, 6D, CD, 6F, 2C, 34, 70, AE, 2B, F4, 77, BC, EB, 66, 46, 53, F9, 86, E4, AE, FA, D4, 8B, BA, 7B, 37, C9, 68, EA, CF, 8E, 57, 4F, 82, 77, 69, 0A, 5D, B3, BC, F2, EB, 4E, 19, DD, 40, CB, 10, 7E, D2, B4, C5, 63, 57, C4, E2, D0, E0, 09, 69, 5D, 87, B0, 53, 5A, 6E, 86, 6C, DD, 5A, E5, 80, E1, A3, C7, 77, 1E, D3, 2C, 6F, 87, 17, CD, 5A, 30, 2A, E9, E0, 19, 39, 7F, 0E, C1...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 MB (1,584,128 bytes)

The file 1e3f700d-57b2-471e-9296-c665a30dbb6e.exe has been seen being distributed by the following URL.

http://www.hexcode.co.za/gs911downloader.exe

Scan 1e3f700d-57b2-471e-9296-c665a30dbb6e.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.