home

GiljabiStart.exe

LG LIU

LG Electronics Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘LG Intelligent Update’.
Publisher:
BIT LEADER  (signed by LG Electronics Inc.)

Product:
LG LIU

Description:
Giljabi Start

Version:
3.0.0.1

MD5:
84139272a296fb1433f07543ab7bd692

SHA-1:
6a5658c9b4027d1c51b91c1b1b90d70da4636157

SHA-256:
e37515dd1aae9bd2d73db7e4093909eb45859c8640b6acd7330e8136ac23d25a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:23:08 PM UTC  (today)

File size:
225.6 KB (230,968 bytes)

Product version:
3.0.0.1

Copyright:
Copyright (C) 2006

Original file name:
GiljabiStart.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\lg_swupdate\giljabistart.exe

Digital Signature
Signed by:
LG Electronics Inc.

Authority:
VeriSign, Inc.

Valid from:
7/26/2006 7:00:00 PM

Valid to:
8/23/2007 6:59:59 PM

Subject:
CN=LG Electronics Inc., OU=Engineering Dept. DID Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LG Electronics Inc., L=Kumi, S=Kyoungsangbuk-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
64C61C01A86BFD91DF2D91C0482D9BFA

File PE Metadata
Compilation timestamp:
2/27/2007 7:17:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:P+OqFLUbjdxuvLH9dyqvt1xFdc1jpQt3msT1aEKLCXgGy34ZDf7IAe3lYy2bIV1A:mO0HP15IpqX3I/3lYHV

Entry address:
0x35A9E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.9565

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
208 KB (212,992 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
LG Intelligent Update

Command:
"C:\Program Files\lg_swupdate\giljabistart.exe" gilautouc


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.