home

gs-911downloader-1506.1.exe

GS911Downloader Application

HEX Microsystems (Pty) Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from dl2.hexcode.co.za and multiple other hosts.
Publisher:
HEX Code  (signed by HEX Microsystems (Pty) Ltd)

Product:
GS911Downloader Application

Description:
GS-911 Downloader

Version:
1, 0, 0, 3

MD5:
f23455b77eb39810a3e54033c66991fc

SHA-1:
c52c2008156a9f20aa25913f6765737badf031e3

SHA-256:
b53f6c15bf5b66e14fb5b1e6cd88f49539b8eda0c5595a5b7cd2d9109872b15f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 10:25:07 AM UTC  (today)

File size:
5.6 MB (5,906,488 bytes)

Product version:
1, 0, 0, 3

Copyright:
Copyright (C) 2012+

Trademarks:
GS-911

Original file name:
GS911Downloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (Südafrika)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\gs-911downloader-1506.1.exe

Digital Signature
Signed by:
HEX Microsystems (Pty) Ltd

Authority:
Thawte, Inc.

Valid from:
9/20/2013 2:00:00 AM

Valid to:
9/21/2015 1:59:59 AM

Subject:
CN=HEX Microsystems (Pty) Ltd, O=HEX Microsystems (Pty) Ltd, L=Somerset West, S=Western Cape, C=ZA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
630B346CEB5AEBC80D6DFA9D5AD3220A

File PE Metadata
Compilation timestamp:
6/8/2015 12:56:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:2Td03/3zCEyeX4XA+wgUJg2L8N5hxrwCdgfyJhV5dMJ2ZFh+wJZnoWdY5Jh3+/V3:2TCvDCEb4+gCg2S3xrvyfUV5dMO+JvHk

Entry address:
0x10A3AF

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 19, 86, BE, 00, CF, 71, 72, 8C, 80, 76, E6, 43, 67, 54, 43, BA, 1B, 51, E3, C7, 88, 2B, FA, 81, 73, DC, 1A, D5, B1, C2, 3E, A4, 19, B4, 52, 35, 15, E0, BF, 32, 2C, FF, BA, 88, B7, 40, 35, 5F, 43, 6E, 76, 2C, 4B, C9, F4, 5E, E6, B1, E2, 97, 76, EF, 09, DE, 1B, A6, A3, 94, F3, BA, B2, 4E, 5A, DE, 69, 4E, A4, 39, BD, 1F, 6F, D3, D1, F7, DA, 6F, 15, B1, 68, AA, 22, 39, 17, 34, 86, 14, E6, 76, 53, C9, 67, 31, B9, 88...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.4 MB (2,493,440 bytes)

The file gs-911downloader-1506.1.exe has been seen being distributed by the following 2 URLs.

http://dl2.hexcode.co.za/products/gs-911/.../GS-911Downloader-1506.1.exe

http://www.hexcode.co.za/gs911downloader.exe

Scan gs-911downloader-1506.1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.