» gu3setup.exe
Overview
Analysis
File Details
Programs (1)
Downloads (19)

gu3setup.exe

Glarysoft Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.bitstagcontent.com and multiple other hosts.

File name:

gu3setup.exe

Publisher:

Glarysoft Ltd (signed and verified)

MD5:

c79724fe3de9db328795706095f62f5e

SHA-1:

4a30e12597141bd0bed5cab31d449113e10bceed

SHA-256:

4a6c0c2435951c4b303dc17d724a9b82d94f34584678aca5aa5e07a2beab26b8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/24/2024 10:08:57 AM UTC (today)

File size:

15.1 MB (15,796,792 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\gu3setup.exe

Digital Signature

Signed by:

Glarysoft Ltd

Authority:

VeriSign, Inc.

Valid from:

11/1/2012 8:00:00 AM

Valid to:

12/2/2015 7:59:59 AM

Subject:

CN=Glarysoft Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Glarysoft Ltd, L=Beijing, S=Beijing, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7ABBA622E23F817B27D68D43E6E39093

File PE Metadata

Compilation timestamp:

12/6/2009 6:50:41 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:w6C9DEbZpIqgaLttxdmagQHe4h4Tw73HUyZHeIc+5/f1SLG7w6e0Blmv+TEqYQ6h:wfDEdS7OHWB2hK80sp/oyM6XBC6yYE

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9996

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file gu3setup.exe has been discovered within the following program.

360Amigo System Speedup PRO by 360Amigo

360Amigo System Speedup is a tool of Windows that works quickly in identifying the problem and fix it if there are some mistakes that result in slow system performance.

www.360amigo.com

56% remove it

The file gu3setup.exe has been seen being distributed by the following 19 URLs.

http://www.bitstagcontent.com/WegazrMWIWojUU9J2j99RPYAo2oGIT9tfkYmzaTZKzRB41KBE6YOtK6Y972mF4A5tItDB9q5gYhbndCiAq0WP4in2JbEGyDL4lEfDYeYv3oUkFGofw3mtB7uVLh5DF1CMbOfLrciZwyqzEy4NJk1maBPLnd1boSQ1mGS os7KCdMTsPeQ5RYHeYcq8eYjrLjJRZGjXYa-GywAAEQnh9S_1t4WUEABBpTUhRgyiUL6wjYQN1aUeY3EHVXJnoCwvw==

http://download-1.com/softwares/.../GU3.5.exe

http://www.bitstagcontent.com/3dic3E6QXIcUwc_t uLmmrpvafapvo0ybsrnX5Kb63n_BNUdXWsI4wXtteWWKuYRdMpQ0QnI CfaR2bQ_XtXHY4yIQNTX_6UKMonmAS7C0UK4zsXptMTrpsR6t1cBEoc 2G7Ke9g9PqYxkDVEsarUJLuSmvnjHO4VD3OaMpR1nkWhg1B0_h INFoO2Ch4jEq8D4jrCSatLdaX PL9ErDc8oYRYdf2Q==-GywAAEQnh9S_1t4WUEABBpTUhRgyiUL6wjYQN1aUeY3EHVXJnoCwvw==

http://www.bitstagcontent.com/p_fbA9CkKcjEehVMeG5xAC71iSaCdYUIclFuVWvRM3iUo7eOyn_ 44wUW5EXyadGEszQNHK2qB5sNGc25yEfhwuiCyUtPZnHayMTy3 5UsAbhXyzfKwUUdVxKrdtoBmJZWgBcPRD4xve9V3x6RuOVCgF94J_N1dxO88l8mO p1OyH5ncph_pfsS4j4KZ_M107Tg4jV7I-GywAAEQnh9S_1t4WUEABBpTUhRgyiUL6wjYQN1aUeY3EHVXJnoCwvw==

http://www.bitstagcontent.com/ekVWSPy1JQW4tR3TocARc4bClg5jrDdtfxKP2O2L6vulbR7ff6A8P1GEFJVO_RUhgpN9_Z759jh4eezSKI9STQXFDMgSYPeL5ko_9Em5VZ59qiiCvkBpjNvqD9W2Hrf Uo5bCCOtXNImTJQWvMz m513Vy7o8zpzofMAzGiAPcV3TbxlEzNRzP_9FA0JB4ook 8uDlft-GywAAEQnh9S_1t4WUEABBpTUhRgyiUL6wjYQN1aUeY3EHVXJnoCwvw==

http://www.bitstagcontent.com/xGbkdpvSETdtmyxF0jf3RgzYmj0KJCvz4troqm3oLBoLRvnFfpWZibHrp8Ba2YGgMzu9eeZ0_mDQMpKWtw78QM44_YLfF3xFEBpizwMxR6fcuGuaHtWMwBwANxLGQzkXDLWsau82pIWJj6A0FD7fkhEojpBNEYTrmneq04zFFsTeNVKvRUISB0DRBtECAs2qY0a8776k1A4GD3PiNsmxLPgnal_w_w==-GywAAEQnh9S_1t4WUEABBpTUhRgyiUL6wjYQN1aUeY3EHVXJnoCwvw==

http://www.bitstagcontent.com/V90IIvkLnbWcW_kkyyju1RgjW3pP8j_o7AJBqVbAF2dR4oS oKxuX8NetYWFHLhvvJLxG8y8WyjxTsPYFEP6t0hSpDqKCxaiVQxWfgb2T8WrwPGPfDQM3zQ0de79NocirgJ YbpJz9Mim1qXQ p8AmRjK51JuqgJ1g9cqbfDDh75o0YBrqAO2VLa9dVMfIf3RVC1DWY7-GywAAEQnh9S_1t4WUEABBpTUhRgyiUL6wjYQN1aUeY3EHVXJnoCwvw==

http://www.bitstagcontent.com/kgPEVsYho xqLZVyt2uR tDuefdPtwdavQs2AsQuaVsG5RXCSWhBkE21T7PlwAh93k9NCD5ZD3GxOQG0BWFb9XTYOM4s5TIGdmm6Krouy2o_V09ATZLouWA4HvBx5JmG8NHwItz_jYdQvnp7cJXtXKmP Ozf_bGtzxoTdMjhp0vE73w_ZUuWzwCFr4_eWncBJ13s XRu-GywAAEQnh9S_1t4WUEABBpTUhRgyiUL6wjYQN1aUeY3EHVXJnoCwvw==

http://www.bitstagcontent.com/386owJBCwGZx55M 45EhYBqYEODxbsU9W5 UaacziW8mDtvskBWtRxDbWx7sqxny xeOnc7v9ezYwcJqhTKGvU RvCI5nP82C1c3EYRN5Xyoz wIr7p9bKV5HoRyedCte1qSKYyCVxIJhOxQOOLIeo7NjD6eZOY7pc_v8MMZM_pvk 6vb5K1RjT7hMQGjWM1E8hWoKeU-GywAAEQnh9S_1t4WUEABBpTUhRgyiUL6wjYQN1aUeY3EHVXJnoCwvw==

https://tmpfile5474.s3.amazonaws.com/download77/ic_trackings/327/.../glary-utilities.exe

https://tmpfile7152.s3.amazonaws.com/download77/ic_trackings/12365/.../glary-utilities.exe

https://tmpfile4562.s3.amazonaws.com/download77/ic_trackings/58505/.../glary-utilities.exe

https://tmpfile4985.s3.amazonaws.com/download77/ic_trackings/46106/.../glary-utilities.exe

http://glary-utilities.software.informer.com/.../

http://download.informer.com/stor/.../gu3setup.exe

http://files.filepuma.com/files/system-utilities/.../Glary_Utilities_v3.5.exe

http://software-files-a.cnet.com/s/software/13/18/98/.../gu3setup.exe

http://124.254.47.39/download/47940984/70954711/4/exe/247/210/.../gu3setup.exe

http://download.glarysoft.com/gu3setup.exe

Scan gu3setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.