home

egifan5.exe

Easy Gif Animator

Blumentals Solutions SIA

This is a setup and installation application. The file has been seen being downloaded from www.vuiis.vanderbilt.edu.
Publisher:
Karlis Blumentals  (signed by Blumentals Solutions SIA)

Product:
Easy Gif Animator

Description:
Easy Gif Animator Installer

Version:
3.3.0.3

MD5:
8250333be19bf4f82efd0bafd908a866

SHA-1:
89e59be2ea3cdbfd07b89ed17b89d1705913248d

SHA-256:
6c0b1a17c3ad9f0f5c18a4cd4f2cb58c85cf8087becfa2bdb959f1dd9643673d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 5:55:41 PM UTC  (today)

File size:
4.6 MB (4,873,544 bytes)

Product version:
3.3.0.3

Copyright:
?Karlis Blumentals

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\dicom tools\egifan5.exe

Digital Signature
Signed by:
Blumentals Solutions SIA

Authority:
The USERTRUST Network

Valid from:
2/18/2009 6:00:00 PM

Valid to:
2/19/2012 5:59:59 PM

Subject:
CN=Blumentals Solutions SIA, O=Blumentals Solutions SIA, STREET=Kr.Valdemara 151-190, L=Riga, S=Riga, PostalCode=LV-1013, C=LV

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00B7B48CD2B135F358DBADC8EBF1C7B6BB

File PE Metadata
Compilation timestamp:
1/16/2006 5:48:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
98304:m9+eE0BDPW8q+CDLbDQYti1RcQM9sP7YjW6hgv45ijqJAFBr+3PO3i3615:mJEr8lCDLvZiWrBxhgvuJE4Pt615

Entry address:
0x3178

Entry point:
83, EC, 20, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, C0, 84, 40, 00, C6, 44, 24, 14, 20, FF, 15, 34, 80, 40, 00, 53, FF, 15, 74, 82, 40, 00, 68, B0, 84, 40, 00, 68, 00, 31, 43, 00, A3, B0, 41, 43, 00, E8, 2D, 22, 00, 00, BE, 00, 18, 44, 00, 56, BF, 00, 08, 00, 00, 57, FF, 15, 64, 81, 40, 00, E8, 55, FF, FF, FF, 85, C0, 8B, 2D, 74, 80, 40, 00, 75, 21, 68, FB, 07, 00, 00, 56, FF, 15, B0, 80, 40, 00, 68, A8, 84, 40, 00, 56, FF, D5, E8, 32, FF, FF, FF, 85, C0, 0F, 84, 47, 01, 00, 00, BE, 00, F0...
 
[+]

Entropy:
7.9991  (probably packed)

Code size:
26 KB (26,624 bytes)

The file egifan5.exe has been seen being distributed by the following URL.

https://www.vuiis.vanderbilt.edu/~welcheb/installs/.../egifan5.exe

Scan egifan5.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.