» GomEncDnInstaller.exe
Overview
Analysis
File Details

GomEncDnInstaller.exe

GOM

Gretech Corporation

The executable GomEncDnInstaller.exe, “GOM ENCODER Installer” has been detected as malware by 35 anti-virus scanners.

File name:

Publisher:

Gretech Corporation

Product:

GOM

Description:

GOM ENCODER Installer

Version:

1.0.0.1

MD5:

2d248bec9236e15174dbeb835a32db8e

SHA-1:

a9eaa88528729d21d29b1bffe5f08b10639c3e1e

SHA-256:

aebada4a0701b8c56b5294d843929a31fd6993deb952e7bbfb14d91a19a68e96

Scanner detections:

35 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/25/2024 8:14:14 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Virtob.Gen.12

918

Agnitum Outpost

Win32.Virut.AB.Gen

7.1.1

AhnLab V3 Security

Win32/Virut.F

2014.08.01

Avira AntiVirus

W32/Virut.Gen

7.11.30.172

avast!

Win32:Vitro

140617-1

AVG

Win32/Virut.AN

2014.0.3986

Bitdefender

Win32.Virtob.Gen.12

1.0.20.1060

Comodo Security

Virus.Win32.Virut.CE

19039

Dr.Web

Win32.Virut.56

9.0.1.05190

Emsisoft Anti-Malware

Win32.Virtob.Gen.12

8.14.07.31.03

ESET NOD32

Win32/Virut.NBP virus

7.0.302.0

Fortinet FortiGate

W32/FakeAV.RQ!tr

7/31/2014

F-Prot

W32/Heuristic-210!Eldorado (not disinfectable)

4.6.5.141

F-Secure

Win32.Virtob.Gen.12

11.2014-31-07_5

G Data

Win32.Virtob.Gen.12

14.7.24

IKARUS anti.virus

Virus.Win32.Virut

t3scan.1.6.1.0

K7 AntiVirus

Virus

13.182.12911

Kaspersky

Virus.Win32.Virut

15.0.0.494

McAfee

W32/Virut.n.gen

5600.7052

Microsoft Security Essentials

Threat.Undefined

1.179.1743.0

MicroWorld eScan

Win32.Virtob.Gen.12

15.0.0.636

NANO AntiVirus

Virus.Win32.Virut.hpeg

0.28.2.61148

Norman

Virut.HL

11.20140731

nProtect

Virus/W32.Virut.Gen

14.07.31.01

Panda Antivirus

W32/Sality.AO

14.07.31.03

Qihoo 360 Security

Virus.Win32.Virut.O

1.0.0.1015

Quick Heal

W32.Virut.G

7.14.14.00

Rising Antivirus

PE:Win32.Virut.cx!1553679

23.00.65.14729

Sophos

W32/Scribble-B

4.98

Total Defense

Win32/Virut.17408

37.0.11091

Trend Micro House Call

PE_VIRUX.R-3

7.2.212

Trend Micro

PE_VIRUX.R-3

10.465.31

Vba32 AntiVirus

Virus.Virut.14

3.12.26.3

VIPRE Antivirus

Threat.4120919

31208

ViRobot

Win32.Virut.AM

2011.4.7.4223

File size:

240 KB (245,760 bytes)

Product version:

1.0.0.1

Original file name:

GomEncDnInstaller.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\windows\temp\gomencdninstaller.exe

File PE Metadata

Compilation timestamp:

8/16/2009 1:27:50 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

3072:vtITU2U7cCnRAkMv7c9fqECPPFqUdrPY3Rqofaod+lSUxfeZWqiGgUu3mb0VqDjt:4WcyRAkMgRqEG9DdrPYB+feMqiQ0LT0

Entry address:

0x1AE78

Entry point:

68, 14, 6A, 00, 00, F8, 59, E9, 58, FF, FF, FF, 39, A7, E7, 36, 4A, 1C, 87, 6E, 00, B5, E5, 00, 1E, 95, 97, 12, A4, 6A, 63, 0F, 8D, 3F, FF, FF, FF, 86, D1, E9, 09, 49, 02, 00, 00, C6, EA, 00, 9D, 37, A0, 8D, 8A, 4F, 87, CF, 20, 00, 00, 75, 00, 05, 00, 50, 0B, 13, 71, 04, C8, 58, EF, 4B, C0, 00, B4, 3C, 00, FA, FA, 50, 32, 96, 2F, 00, 00, E4, 56, A7, ED, E5, 58, 2C, 00, 00, A6, 4A, 00, 00, A2, 3A, 00, 00, 37, C3, 95, FD, 0B, 28, 5B, 47, 00, 01, 78, 00, 9B, 00, 24, 33, 11, B5, DD, 96, 77, 47, 78, 57, 0C, 00... 
[+]

Entropy:

6.2845

Code size:

104 KB (106,496 bytes)

Remove GomEncDnInstaller.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.