home

gps7s64.exe

GPSDirect Sensor Driver

MICHAEL CHOURDAKIS

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-0g-c8-docs.googleusercontent.com and multiple other hosts.
Publisher:
TurboIRC.COM  (signed by MICHAEL CHOURDAKIS)

Product:
GPSDirect Sensor Driver

Version:
1.Win32.Win64

MD5:
bad595bed47bc26c96a176421ce6c6cd

SHA-1:
cfa919ebed705934f61929629c7235ebcd6f269a

SHA-256:
06a47ffe41aa9ff6435a925afcce95112bf2a857f02eaf321608c7ae0208590e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/4/2024 8:32:47 PM UTC  (today)

File size:
2.8 MB (2,944,688 bytes)

Product version:
1

Copyright:
Chourdakis G.Michael - TurboIRC.COM

Original file name:
GPS7SXX.EXE

File type:
Executable application (Win64 EXE)

Language:
Greek (Greece)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\gps7s64.exe

Digital Signature
Signed by:
MICHAEL CHOURDAKIS

Authority:
COMODO CA Limited

Valid from:
3/27/2014 12:00:00 AM

Valid to:
3/27/2017 12:59:59 AM

Subject:
CN=MICHAEL CHOURDAKIS, O=MICHAEL CHOURDAKIS, STREET=AGIAS PARASKEYIS 61, L=PIRAEUS, S=GREECE, PostalCode=18539, C=GR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7FB71E0CCD2B7F3D76B0E838C81B4A18

File PE Metadata
Compilation timestamp:
7/7/2015 10:10:30 AM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:DrmUUF/BYnW4edrFJ1BZ1LUc/NunLFv4MrER6aEBNnS8dRenCUA7Qir:DrVUF/BYnmhFzBZlUc4FHU6BBNbRAA7d

Entry address:
0x20C78

Entry point:
48, 83, EC, 28, E8, 4F, BE, 00, 00, 48, 83, C4, 28, E9, 02, 00, 00, 00, CC, CC, 48, 89, 5C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 30, E8, A0, 46, 00, 00, 0F, B7, F0, B9, 02, 00, 00, 00, E8, DB, BD, 00, 00, B8, 4D, 5A, 00, 00, 48, 8D, 3D, 47, F3, FD, FF, 66, 39, 05, 40, F3, FD, FF, 74, 04, 33, DB, EB, 31, 48, 63, 05, 6F, F3, FD, FF, 48, 03, C7, 81, 38, 50, 45, 00, 00, 75, EA, B9, 0B, 02, 00, 00, 66, 39, 48, 18, 75, DF, 33, DB, 83, B8, 84, 00, 00, 00, 0E, 76, 09, 39, 98, F8, 00, 00, 00, 0F, 95, C3, 89...
 
[+]

Entropy:
7.8268  (probably packed)

Code size:
335.5 KB (343,552 bytes)

The file gps7s64.exe has been seen being distributed by the following 4 URLs.

https://doc-0g-c8-docs.googleusercontent.com/docs/securesc/e8vehucjn0v4bda2pth8sir34regu6tt/93ov6advr7mon7kfm6bro7ir8g07shbd/1449511200000/09092008428069151051/.../0B4u-2njuXGa1M29TZXpZZ2F2cms?e=download

http://www.turboirc.com/.../gps7s64.exe

http://files.downloadnow.com/s/software/11/73/.../44/gps7s64.exe

http://software-files-a.cnet.com/s/software/11/73/.../44/gps7s64.exe

Scan gps7s64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.