home

gs911downloader.exe

GS911Installer Application

HEX Microsystems (Pty) Ltd

This is a setup and installation application. The file has been seen being downloaded from www.hexcode.co.za.
Publisher:
HEX Code  (signed by HEX Microsystems (Pty) Ltd)

Product:
GS911Installer Application

Description:
GS-911 Downloader

Version:
1, 0, 0, 2

MD5:
4fa9dd05ed1aec805bc14ff879f10dfe

SHA-1:
b4b417d96e82ec7447b40eeda7d7efaf69efb60b

SHA-256:
3f15c7abb2a1698caa44dc1f3788c16e0178f9f7c2c0f0b5d3a6c9445d7dcec3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 4:05:12 AM UTC  (today)

File size:
5.7 MB (5,978,680 bytes)

Product version:
1, 0, 0, 2

Copyright:
Copyright (C) 2012

Trademarks:
GS-911

Original file name:
GS911Installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (South Africa)

Common path:
C:\users\{user}\downloads\gs911downloader.exe

Digital Signature
Signed by:
HEX Microsystems (Pty) Ltd

Authority:
Thawte, Inc.

Valid from:
9/19/2013 5:00:00 PM

Valid to:
9/20/2015 4:59:59 PM

Subject:
CN=HEX Microsystems (Pty) Ltd, O=HEX Microsystems (Pty) Ltd, L=Somerset West, S=Western Cape, C=ZA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
630B346CEB5AEBC80D6DFA9D5AD3220A

File PE Metadata
Compilation timestamp:
8/19/2014 7:24:14 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:gNudGaHc9T3mbEoBhl+H9gXdkQiJAT6krqLVrro++8enBoasFxxyqPcu:gNva8J8BECdk9JOrsVrro+plaexVku

Entry address:
0xADA1C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 88, FB, C3, 00, DA, 7E, DF, F8, 5F, 87, CD, F2, 35, F3, 33, 22, 3C, 1C, 28, 63, 5D, E8, FB, 81, C4, 44, 0D, 02, 9E, 0A, 96, AB, 05, B9, 47, 26, 95, DA, 19, 37, 88, 7B, FC, 9A, 99, D2, B9, 40, DA, 02, F0, 2D, CD, 6F, 20, 30, 03, 75, D3, 48, 74, 8D, B6, 8A, 11, 35, D6, BC, 2F, 68, 1E, D0, 83, 15, 7D, FA, AA, 82, E4, D7, 07, D4, 76, A9, EE, C9, 5F, 48, 19, 55, 7A, D5, 08, D3, 99, DE, 01, 31, 3B, 87, 04, 87, D3, 2B...
 
[+]

Entropy:
7.9965

Developed / compiled with:
Microsoft Visual C++

Code size:
2.3 MB (2,411,520 bytes)

The file gs911downloader.exe has been seen being distributed by the following URL.

http://www.hexcode.co.za/gs911downloader.exe

Scan gs911downloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.