home

gpg4win-src-3.0.0-beta187.exe

GPG4WinSrc (3.0.0-beta187)

Intevation GmbH

The executable gpg4win-src-3.0.0-beta187.exe, “Gpg4win: The GNU Privacy Guard and tools for Windows (Source Files)” has been detected as malware by 1 anti-virus scanner. The program is a setup application that uses the Nullsoft Install System installer.
Publisher:
g10 Code GmbH  (signed by Intevation GmbH)

Product:
GPG4WinSrc (3.0.0-beta187)

Description:
Gpg4win: The GNU Privacy Guard and tools for Windows (Source Files)

Version:
3.0.0.38855

MD5:
a241903e314075b52a83da425fb848c8

SHA-1:
fef8e24849bd5cf2fb00bfb59d049c66324beb04

SHA-256:
298edde79fb01a1a9a1ed9409ffb8177ad85697504fa03aab871d593990a1582

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
7/15/2025 11:20:04 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Threat.Win.Reputation.IMP
16.10.17.20

File size:
216.4 MB (226,882,392 bytes)

Copyright:
Copyright (C) 2007 g10 Code GmbH

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Install System

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\gpg4win-src-3.0.0-beta187.exe

Digital Signature
Signed by:
Intevation GmbH

Authority:
GlobalSign nv-sa

Valid from:
3/30/2016 11:54:41 PM

Valid to:
3/31/2019 11:54:41 PM

Subject:
E=codesigning@intevation.de, CN=Intevation GmbH, O=Intevation GmbH, L=Osnabrueck, S=Niedersachsen, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A3D67EAB28AA86FD85728B57FA62630D

File PE Metadata
Compilation timestamp:
12/16/2014 3:04:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.24

CTPH (ssdeep):
3145728:1XElM8WcrYQxzc/psEXkis8TTSemHyu+AdTZl12s43TKPiLPOsBZV3N6l8CQVb5U:1XE28rYAspy5Hyu+Sl8JKPwrOKN9Ej

Entry address:
0x416D

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 73, 43, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 74, 43, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 74, 43, 00, 56, A3, 70, 5A, 43, 00, C7, 04, 24, 08, 00, 00, 00, E8, 83, 3C, 00, 00, A3, 40, 5B, 43, 00, 57, 8D, 85, 88, FE, FF, FF, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A9, B2, 40, 00, FF, 15, AC, 74, 43, 00, 83, EC, 14, C7, 44, 24, 04, AA, B2, 40, 00, C7...
 
[+]

Entropy:
7.9997  (probably packed)

Code size:
34 KB (34,816 bytes)

Remove gpg4win-src-3.0.0-beta187.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.