home

gs-911downloader-1601.1.exe

GS911Downloader Application

HEX Microsystems (Pty) Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from dl2.hexcode.co.za.
Publisher:
HEX Code  (signed by HEX Microsystems (Pty) Ltd)

Product:
GS911Downloader Application

Description:
GS-911 Downloader

Version:
1, 0, 0, 3

MD5:
5e47d16b8819902cc2b5ce37c1da5bae

SHA-1:
ebcf31fee7edcb335a93adf2d6ab2afc43ddfe16

SHA-256:
ba2cd3dfd3aff4261fa7d93a92c335f42d76764a40d9ca18b0a649b931cfcf1b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:25:26 AM UTC  (today)

File size:
8.2 MB (8,611,056 bytes)

Product version:
1, 0, 0, 3

Copyright:
Copyright (C) 2012+

Trademarks:
GS-911

Original file name:
GS911Downloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (South Africa)

Common path:
C:\users\{user}\downloads\gs-911downloader-1601.1.exe

Digital Signature
Signed by:
HEX Microsystems (Pty) Ltd

Authority:
thawte, Inc.

Valid from:
8/27/2015 2:00:00 AM

Valid to:
9/20/2017 1:59:59 AM

Subject:
CN=HEX Microsystems (Pty) Ltd, O=HEX Microsystems (Pty) Ltd, L=Somerset West, S=Western Cape, C=ZA

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1E0B0062335D5204D23D18321AE8BDA2

File PE Metadata
Compilation timestamp:
1/26/2016 4:43:33 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
196608:FhS7xQxMlVftKVXovr1Iq7m2yckIkSeORIMagMuiilBElhwz:FhS4M1Hrz75cSeVMjfz

Entry address:
0x1919CF8

Entry point:
EB, 08, 00, AE, 41, 00, 00, 00, 00, 00, 60, E8, 00, 00, 00, 00, 5D, 81, ED, 10, 00, 00, 00, 81, ED, F8, 9C, 91, 01, E9, 04, 00, 00, 00, 18, 53, D4, DA, B8, F8, 9C, 91, 01, 03, C5, 81, C0, 4C, 00, 00, 00, B9, 78, 05, 00, 00, BA, 76, 89, 9D, 10, 30, 10, 40, 49, 0F, 85, F6, FF, FF, FF, E9, 04, 00, 00, 00, 0B, F5, B0, 57, FD, BB, FD, FF, 4A, 76, 76, 76, F7, B7, 8E, 76, 76, 76, 75, BB, CE, 73, 76, 76, 76, CC, 5E, 76, 76, 76, 81, 94, 75, BE, FD, F7, 7A, 76, 76, 76, 75, B3, 26, 26, 1E, 6E, 7F, 37, 76, 1E, AB, E5...
 
[+]

Entropy:
7.9929  (probably packed)

Code size:
2.4 MB (2,485,760 bytes)

The file gs-911downloader-1601.1.exe has been seen being distributed by the following URL.

http://dl2.hexcode.co.za/products/gs-911/.../GS-911Downloader-1601.1.exe

Scan gs-911downloader-1601.1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.