home

ggscan 1.2.exe

Zmora

This is a setup program which is used to install the application. The file has been seen being downloaded from s10356.chomikuj.pl.
Publisher:
Zmora

Description:
Skaner numerów GG

Version:
1.2.0.0

MD5:
4b0376886f6af25296cc98e77a75b2ac

SHA-1:
f01bb22577dbb45f777f0b736fa80fa304cb7574

SHA-256:
ce40b0f4e28c62b1251fdfa18f91f9a379be346a0df65bb7471839b8ec388d00

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 6:27:30 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
BehavesLikeWin32.Keylogger
t3scan.2.2.29

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.24.3

File size:
676.5 KB (692,736 bytes)

Product version:
1.2

File type:
Executable application (Win32 EXE)

Language:
Polish (Poland)

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:BXREL5wl+PojuQs9vgwjMae8zP+QoMz0+Ob07W9v5Yc4gl:BhgK+PYY3wiz2o0+OA7GRo

Entry address:
0x89DDC

Entry point:
55, 8B, EC, 83, C4, F0, B8, 7C, 9A, 48, 00, E8, 68, C2, F7, FF, A1, AC, C4, 48, 00, 8B, 00, E8, 5C, EE, FC, FF, A1, AC, C4, 48, 00, 8B, 00, BA, 54, 9E, 48, 00, E8, 5B, EA, FC, FF, 8B, 0D, 3C, C6, 48, 00, A1, AC, C4, 48, 00, 8B, 00, 8B, 15, 94, 8F, 48, 00, E8, 4B, EE, FC, FF, 8B, 0D, 90, C6, 48, 00, A1, AC, C4, 48, 00, 8B, 00, 8B, 15, 10, 8B, 48, 00, E8, 33, EE, FC, FF, A1, AC, C4, 48, 00, 8B, 00, E8, A7, EE, FC, FF, E8, 4A, 9F, F7, FF, 00, 00, FF, FF, FF, FF, 14, 00, 00, 00, 47, 47, 53, 63, 61, 6E, 20, 62...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
548 KB (561,152 bytes)

The file ggscan 1.2.exe has been seen being distributed by the following URL.

http://s10356.chomikuj.pl/File.aspx?e=yyULU20qdUXazsqRGppGU1MnCco5g76_gCwu96oeMz28TaewyWgkGN1RC-Ej1w8DB92UDsD0QW-M1T1GT8bicQDXwwhexDqgEe_9uc9PZsglWcOsCRDNgMs6Dtdhk_C7rNslVJX5ZHg_uucYSTi_5A&pv=2

Scan ggscan 1.2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.