» gatransfer.exe
Overview
Analysis
File Details
Programs (1)

gatransfer.exe

Garena Online Pte Ltd

This is installed with Garena Plus.

File name:

gatransfer.exe

Publisher:

Garena Online Pte Ltd (signed and verified)

MD5:

9c0a4c068dd6804383a1099eb46dca7d

SHA-1:

bf005112bde9c0fea6436e9230daaacad9f2001e

SHA-256:

23e9825b3868a01415ccd9ca2c2a96b3a2fbedd68334e2a7e1fdd078f0ddc132

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 3:00:35 PM UTC (today)

File size:

1.2 MB (1,268,016 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\garena plus\gatransfer.exe

Digital Signature

Signed by:

Garena Online Pte Ltd

Authority:

VeriSign, Inc.

Valid from:

10/18/2011 3:00:00 AM

Valid to:

11/3/2014 2:59:59 AM

Subject:

CN=Garena Online Pte Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Garena Online Pte Ltd, L=Singapore, S=Singapore, C=SG

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

2880A7F7FF2D334AA08744A8754FAB2C

File PE Metadata

Compilation timestamp:

1/9/2013 1:04:22 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:CGmcAnSCmMdv8ABBs6y8ZnqoY6azsOdoVL:CSWvHBBLy8ZqoY6azsOdoV

Entry address:

0x6140C

Entry point:

E8, 07, 07, 00, 00, E9, 9F, FD, FF, FF, 6A, 10, 68, E8, E4, 50, 00, E8, 32, 04, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B, 45, 10, 7D, 13, 8B, 75, 08, 8B, CE, FF, 55, 14, 03, 75, 0C, 89, 75, 08, FF, 45, E4, EB, E5, C7, 45, E0, 01, 00, 00, 00, C7, 45, FC, FE, FF, FF, FF, E8, 08, 00, 00, 00, E8, 39, 04, 00, 00, C2, 14, 00, 83, 7D, E0, 00, 75, 11, FF, 75, 18, FF, 75, E4, FF, 75, 0C, FF, 75, 08, E8, 0E, FB, FF, FF, C3, CC, FF, 25, 98, 33, 4F, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC... 
[+]

Code size:

965.5 KB (988,672 bytes)

The file gatransfer.exe has been discovered within the following program.

Garena Plus by Garena Online Pte Ltd.

The Garena Plus application developed for various games distributed by the comapny allows gamers to develop buddy lists, chat with friends online and check on game progress and achievements.

www.garena.com

About 2% of users remove it

Scan gatransfer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.