» gs-911.exe
Overview
Analysis
File Details
Behaviors (1)

gs-911.exe

HEX Microsystems (Pty) Ltd

It runs as a scheduled task under the Windows Task Scheduler.

File name:

gs-911.exe

Publisher:

HEX Microsystems (Pty) Ltd (signed and verified)

MD5:

d337d1ef7a79432c44b28b5ba7b389a5

SHA-1:

a57e3f6c08fba06a288f91965886166ddbd989f7

SHA-256:

b2cc7f211573e3d7eb9353e46497f9df57ea74430343d941933d76dbf0938a18

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/23/2024 11:58:11 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win32/Virut.F

2015.01.18

ESET NOD32

Detection.Undefined

7.0.302.0

File size:

4.5 MB (4,763,192 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\gs-911 beta\gs-911.exe

Digital Signature

Signed by:

HEX Microsystems (Pty) Ltd

Authority:

Thawte, Inc.

Valid from:

9/20/2013 2:00:00 AM

Valid to:

9/21/2015 1:59:59 AM

Subject:

CN=HEX Microsystems (Pty) Ltd, O=HEX Microsystems (Pty) Ltd, L=Somerset West, S=Western Cape, C=ZA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

630B346CEB5AEBC80D6DFA9D5AD3220A

File PE Metadata

Compilation timestamp:

7/24/2014 6:34:35 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:wDFwsA6v2zZ1k71M2FeOXsL4TTsULllMEUgyBglJTtOdQ2aEtWOeB1z3fGBLr3:systvhZMoPhTTss1UTqnTtOi3GA1z3f4

Entry address:

0x190408

Entry point:

55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 64, 97, EA, 00, 27, 38, C1, 15, 7A, A4, A6, 5E, 0E, 52, 38, 15, 2C, 01, 16, 65, 51, 0B, FF, 9E, 3A, 99, 01, 7A, 94, 47, C2, AF, C5, 6F, 61, 33, 6D, 30, CC, 75, C2, C5, 72, 94, 03, 1F, 9A, B2, 00, 6B, E0, D2, DD, F4, 02, 45, ED, B3, 40, C5, 41, 40, 85, 68, 52, 8B, EA, 57, BF, 28, 2F, 57, 9A, DA, 50, 32, 8C, 48, 95, E0, 2F, CB, 3F, 46, 01, 44, 78, CD, 2D, 33, 4B, 8B, EB, 29, CA, C1, E4, 96, 85, EC, 7B, 68, 00, C3... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

5.4 MB (5,633,024 bytes)

Scheduled Task

Task name:

{03409AB5-8F7D-4068-A96D-1162EAC68885}

Trigger:

Registration (Runs on registration)

Scan gs-911.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.