home

gifcam.exe

GifCam

BahraniApps

This is installed with GifCam. The file has been seen being downloaded from 123.briian.com and multiple other hosts.
Publisher:
BahraniApps

Product:
GifCam

Version:
4.5.0.0

MD5:
feccaf5c12eaf5c262276469d70ba181

SHA-1:
0d478d3cfa0d30cec4579b0399a7691023599297

SHA-256:
15955e1c7f0b5d91d43cd7bb71145f407262c450a974bec39d4e5c47d848ca59

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 6:14:40 AM UTC  (today)

File size:
1.5 MB (1,603,584 bytes)

Product version:
4.5.0.0

Copyright:
© 2013-2014 BahraniApps

Trademarks:
GifCam

Original file name:
GifCam

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\gifcam.exe

File PE Metadata
Compilation timestamp:
10/8/2014 10:39:02 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:DmZtVgzgno44vpZMiqUPOuCKLwngUUmZBGSibKlm1Q3wA3T/w9OAIpgXY3TvGPTG:iJZXAUFZgSibU3wAD/O7IptT+PT

Entry address:
0x14D518

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 1C, 4B, 54, 00, E8, 77, D0, EB, FF, 8B, 1D, 5C, 54, 55, 00, 8B, 03, E8, 02, 39, FB, FF, 8B, 03, B2, 01, E8, D5, 54, FB, FF, 8B, 03, BA, 38, D6, 54, 00, E8, 25, 33, FB, FF, 8B, 0D, 0C, 51, 55, 00, 8B, 03, 8B, 15, 14, 2D, 54, 00, E8, F2, 38, FB, FF, 8B, 0D, 04, 53, 55, 00, 8B, 03, 8B, 15, B8, FE, 52, 00, E8, DF, 38, FB, FF, 8B, 0D, 48, 56, 55, 00, 8B, 03, 8B, 15, 30, 3D, 53, 00, E8, CC, 38, FB, FF, 8B, 0D, D0, 56, 55, 00, 8B, 03, 8B, 15, 80, 12, 54, 00, E8, B9, 38, FB, FF, 8B...
 
[+]

Entropy:
6.5955

Developed / compiled with:
Microsoft Visual C++

Code size:
1.3 MB (1,358,848 bytes)

The file gifcam.exe has been discovered within the following program.

GifCam  by BahraniApps
About 2% of users remove it
 
Powered by Should I Remove It?

The file gifcam.exe has been seen being distributed by the following 3 URLs.

http://123.briian.com/forum.php?mod=attachment&aid=NjIwNXw2NDZkODhmN3wxNDY2OTEzODg0fDB8MzY3NQ==

http://123.briian.com/forum.php?mod=attachment&aid=NjIwNXxjZTg3MjAyOXwxNDEzNTE4Nzc2fDB8MzY3NQ==

http://www.logitheque.com/.../d8386164.dl

Scan gifcam.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.