home

giveaway.exe

Glarysoft Giveaway

Glarysoft Ltd

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Publisher:
Glarysoft Ltd.  (signed by Glarysoft Ltd)

Product:
Glarysoft Giveaway

Version:
2.1.0.705

MD5:
7c199cfbe81f41003df5d8702ff2ddf5

SHA-1:
3bb883e6cfcc3090652b7856f056a1055e6d009d

SHA-256:
c41ded405b0ccb0f2387113ec8c5b97f3d4580cae5c980ef29887cb6711690af

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 9:33:38 PM UTC  (today)

File size:
649.3 KB (664,864 bytes)

Product version:
2.1.0.705

Copyright:
Copyright (c) 2012, Glarysoft Ltd.

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\glarysoft\glarysoft giveaway\giveaway.exe

Digital Signature
Signed by:
Glarysoft Ltd

Authority:
VeriSign, Inc.

Valid from:
11/1/2012 12:00:00 AM

Valid to:
12/1/2015 11:59:59 PM

Subject:
CN=Glarysoft Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Glarysoft Ltd, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7ABBA622E23F817B27D68D43E6E39093

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:xLP1bTzeLeiyGUIQpHBS9KAhRhI3MQCxxSkp+IyJqGkF0VvuClVUUuWV:xDlTzNGUIQpHIZRhhrTp+IywzavbVBu0

Entry address:
0x7B88C

Entry point:
55, 8B, EC, 83, C4, EC, 53, 33, C0, 89, 45, EC, B8, EC, B5, 47, 00, E8, F2, AD, F8, FF, 8B, 1D, 10, DB, 47, 00, 33, C0, 55, 68, 41, B9, 47, 00, 64, FF, 30, 64, 89, 20, 8B, 03, E8, 83, E2, FD, FF, 8B, 03, 8B, 40, 30, E8, 49, FC, FF, FF, 84, C0, 75, 60, 68, 80, 00, 00, 00, 6A, EC, 8B, 03, 8B, 40, 30, 50, E8, 3F, B9, F8, FF, 8B, 03, BA, 58, B9, 47, 00, E8, 4F, DE, FD, FF, 8D, 55, EC, B8, 01, 00, 00, 00, E8, BA, 71, F8, FF, 8B, 55, EC, B8, 74, B9, 47, 00, E8, D5, CD, F8, FF, 84, C0, 74, 0A, 68, 20, 4E, 00, 00...
 
[+]

Entropy:
6.6746

Developed / compiled with:
Microsoft Visual C++

Code size:
490.5 KB (502,272 bytes)

2 Scheduled Tasks
Task name:
Glarysoft Giveaway

Trigger:
Logon (Runs on logon)

Action:
giveaway.exe -autorun

Description:
Glarysoft Giveaway Initialization

Task name:
Glarysoft Giveaway

Trigger:
Logon (Runs on logon)


Scan giveaway.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.