» gtk2121-setup.exe
Overview
Analysis
File Details
Programs (1)
Downloads (1)

gtk2121-setup.exe

Trojan Killer

Gridinsoft, LLC

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with the program Trojan Killer. The file has been seen being downloaded from c353543.r43.cf2.rackcdn.com.

File name:

gtk2121-setup.exe

Publisher:

GridinSoft LLC (signed by Gridinsoft, LLC)

Product:

Trojan Killer

Description:

GridinSoft Trojan Killer Setup

Version:

2.1.2.1

MD5:

df8c9f3e660b89f9fba6da2244baf9ac

SHA-1:

2a22f6ddb3cf5f19600dd6ea43c3154c1ea28b1c

SHA-256:

a5df3c982ecb8007f8fe0397bdcbbdbf82f8035f32e05fc62127294461857a80

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

5/5/2024 9:29:41 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/1AntiVirus (variant)

8.7965

File size:

25.6 MB (26,853,544 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\gtk2121-setup.exe

Digital Signature

Signed by:

Gridinsoft, LLC

Authority:

VeriSign, Inc.

Valid from:

12/11/2011 7:00:00 PM

Valid to:

1/12/2015 6:59:59 PM

Subject:

CN="Gridinsoft, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Gridinsoft, LLC", L=Kiev, S=Kiev, C=UA

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

065DF919B8A90A37DEB26750CBB3BBD3

File PE Metadata

Compilation timestamp:

12/5/2009 5:50:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

393216:2yAk50qxgdJGoxgs4WaSPA69bP62r9rpMId11LNfBv2P/odSAEb1hPI2dxGUY8EG:2yAO0oq1pB9d1v0/WSAw1hPmUNp6+Vv

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.9999

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file gtk2121-setup.exe has been discovered within the following program.

Trojan Killer by Gridinsoft LLC

Publisher's description - “Developed specifically for automatic removal of viruses, bots, spyware, keyloggers, trojans, scareware and rootkits without the need to manually edit system files or registry, Trojan Killer additionally fixes system modifications that were introduced by malware and which, regretfully, are often ignored by some popular antivirus scanners.”

trojan-killer.com

3% remove it

The file gtk2121-setup.exe has been seen being distributed by the following URL.

http://c353543.r43.cf2.rackcdn.com/gtk2121-setup.exe

Scan gtk2121-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.