home

gg.exe

Gadu-Gadu 10

GG Network S.A.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Gadu-Gadu 10’.
Publisher:
GG Network S.A.  (signed and verified)

Product:
Gadu-Gadu 10

Version:
10,0,0,10784

MD5:
2efe3823c22175b4316279509f308f65

SHA-1:
3e11556d3dfd2db138eda633fad2690167d9e4e8

SHA-256:
03932b7cf103eb315db9d9fd963b3fde7067054fe3b2d6b030233ba12bf93db5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:22:51 AM UTC  (today)

File size:
11.2 MB (11,792,992 bytes)

Product version:
10,0,0,10784

Copyright:
Copyright (C) 2000-2010

Original file name:
gg.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\gadu-gadu 10\gg.exe

Digital Signature
Signed by:
GG Network S.A.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/9/2010 1:00:00 AM

Valid to:
3/8/2012 12:59:59 AM

Subject:
CN=GG Network S.A., O=GG Network S.A., L=Warsaw, S=Warsaw, C=PL

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
49A2BEA2198B6ED8E27823140324A6F9

File PE Metadata
Compilation timestamp:
3/11/2010 11:07:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:rT9Wc2nYGeQiYB9zuRUPeSM+CMiyM3A3CNhAW7a6g5KE2dRfRdE7:jGP9iR4e9+EyMwyNhAWUkE2dRg7

Entry address:
0x37CA9F

Entry point:
E8, C0, 03, 00, 00, E9, 39, FD, FF, FF, CC, FF, 25, F8, E5, A4, 00, FF, 25, 00, E6, A4, 00, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 88, 07, F3, 00, 89, 0D, 84, 07, F3, 00, 89, 15, 80, 07, F3, 00, 89, 1D, 7C, 07, F3, 00, 89, 35, 78, 07, F3, 00, 89, 3D, 74, 07, F3, 00, 66, 8C, 15, A0, 07, F3, 00, 66, 8C, 0D, 94, 07, F3, 00, 66, 8C, 1D, 70, 07, F3, 00, 66, 8C, 05, 6C, 07, F3, 00, 66, 8C, 25, 68, 07, F3, 00, 66, 8C, 2D, 64, 07, F3, 00, 9C, 8F, 05, 98, 07, F3, 00, 8B, 45, 00, A3, 8C, 07, F3, 00, 8B, 45, 04, A3...
 
[+]

Code size:
6.3 MB (6,606,848 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Gadu-Gadu 10

Command:
"C:\Program Files\gadu-gadu 10\gg.exe"


Scan gg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.