» gu4setup.exe
Overview
Analysis
File Details
Downloads (381)

gu4setup.exe

Glarysoft Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

gu4setup.exe

Publisher:

Glarysoft Ltd (signed and verified)

MD5:

7cdd6e675979837daa55dc94ffe8030b

SHA-1:

c96bf4f42d049ce228713589e200125db9c498f6

SHA-256:

12e9599bcf755991d694583704f315a7e239b30ded04462efd97e1d81795be3d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/10/2024 10:36:43 PM UTC (today)

File size:

11.9 MB (12,485,568 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Digital Signature

Signed by:

Glarysoft Ltd

Authority:

VeriSign, Inc.

Valid from:

10/31/2012 5:00:00 PM

Valid to:

12/1/2015 3:59:59 PM

Subject:

CN=Glarysoft Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Glarysoft Ltd, L=Beijing, S=Beijing, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7ABBA622E23F817B27D68D43E6E39093

File PE Metadata

Compilation timestamp:

12/5/2009 2:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:mLKaiIsVhHx6Me8j8dAPLMHUKtx/nWksD6jThDCI+0+Shb6YIR6Ho:mLKtIsVLeS8n0ixPW4ThWiyY

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9992

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file gu4setup.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_fr&type=PROGRAM&Expires=1480307509&Signature=T14XxkA5OnbXNf3fD8v9de9upBziFzdB4l6oOBDI9v1fRXeBtwN6jhT-f7vPvGKg6ocTRdsN1~K3MrQN0pR~xiKtoHQb6duvrYG4K4JuDcNjFExx4n4BK7v9OTq91OzNs6A~Ov0DogvOvuLwBlN6i~18fvmh8LtGUHNbavo6tdo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1481371048&Signature=DppXlY-W-pwQ2zsYB3YAbgryzFW-XKHKbp6A4RPEMkuO9mvlyabKUh1aWXa4QrMlmlVJ2ReuXxXaZM2f5ee5ppz4mdyYCfDn86Wpn6cRagFJXgD2GX0cYc0FrJ~7mMDMbjka2a9P1o233CeMnTBhYRmiV0yvy3DC2JucGyuxDGw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1482119250&Signature=dhQVrs1XShVIyPmGuxK9GPAUClGdrBfJRLl0MO4HuBmCnmZcFrHPoJaxKJsrSmVEb272Fphvy3L7JCtFQNvuHI-z3JmrFGtC9siI46wzD4vS65N-vgN0k8E0fCKaLEcSFeHVtindq1NSo8OqYPBbA5HowUX0gKNOTiiYm6yMiQM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://www.filepuma.com/file/1398770881c5619/glary_utilities_4.10.0.100/.../0/

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_fr&type=PROGRAM&Expires=1475469022&Signature=RoDRcg7jLzKbtY4BZGEzmEibDV2J~IqWR44ubuUvIzuGd5xroSTf05gvWqvwzoNeW3v0s1Imq0vLL3PQXC4h--mfihNVozh1LnOFPcSJtwkq3NS939MJGfttRalUglgtpFMcoCCMP9oUvuwRvH~05HWbfrli4BzEVwrpHX4zm5Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1462690290&Signature=HZuV1veukEV4FWF~7aJkcjAV043~ioOH0yf-N8TNzfDWE2h5EhlngNa6g2O9ESRpLaKdTxVGqZDO81ceiURZdwzDCF7EJUmhdoLoVPsRM~B-g~iya~urFhw5N9zY46puUtx8JIGyuuM7xaw2KpNiUBQrYTgBICHFEJEJoStvrHs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1486972097&Signature=NwqzLhcW06BtUKtbfKsNmJzWqwRS0F7ogwFhQJV15-cdo9i6am6onxvTfTmRGW6EtHmmTx731etwxdrAlz-MBz0oS6ayMOyWJ~yRnKdtTczuyLN~rgKFOTA-KdauP3ogyjuwe9xeSmfKdhC2ryFG6W4MUKXRr496PZmtPHVRwIw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_fr&type=PROGRAM&Expires=1482056709&Signature=QT793JoXn8NuyYkp7frzkf~PwyDrZBU3qQdL8-P5xCsXubSsI1fDKLAg0RfYYaGjcD~jYD49BlHX-CQLRE5fawI6Z5lERGilp66o7KhBSvyD1eVW5swIxKOk2kTPW8Dhb6BQZQaxPp443YNh~3FrLJyaZz6qh1FEhO6y1qmU3ME_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_fr&type=PROGRAM&Expires=1485074261&Signature=UfGts04PoSplcTh7uy0V7WgQOwvsLEH~rnkC0CUx-XlHuydnO-MUsN7KtcpS8iPDo4OkzMxXFL4urW1cjgzKdyHfWEr1vEcfQX00PRd2MvvB0TvznBEoXsdyexYL15wRa7pedCtuAhfKWkPUZ~O~7UJxoqhoDAAFT2nJIELrLwQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://www.filepuma.com/file/1399050298c5619/glary_utilities_4.10.0.100/.../0/

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1469006313&Signature=hvexhZpCWKSMbNtfGu4X2i-p4HUZYMkIVmKn~zb9D0UIXwWAcWBzOdWHfRlJJihjWcONBdAfnYaqvDbkSST3fMKYPJgoE84vHTi8KzUjJkrpFaiB3F4GICYrlGltorUGmZnU~S~8S4YdPHKH8wlgfS1UN-TUa1FfJAoFqHOmt30_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_de&type=PROGRAM&Expires=1446177922&Signature=Uh5C-ogAYgMmoRnj2kKIfWJNIjsbmSc6Wr8eueTzuobA~qM3vKZtyWvuxxgdo9II3qfO5S8ppJpX-0W9a1KwYF3LtAeYOSMpcDfmIc4zbd-e0eGOe3Swu1xoEZhWBI3L8llUUU1EJWzLFkbgAV-BmfUmAXR5YVyzopzkruhwwYk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_fr&type=PROGRAM&Expires=1469765436&Signature=BBMBm5hBToMo4hIRKEVo71lXq-HxeKlxDhIiFedtwM~~M2ZuHxbUtB4MMLtJfpQ1sPfkohKOAinyNGSzZKRaxI2ZrbMI8JPWATkTkdg0~XgUSrBL6BlBJZenz6Jcac8twBePxEeEtgmTElW85lw24DqOixd-CIHyt097KicPjG8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1476103011&Signature=WjrDjKzVU2dlJPhMTj2LtbWiIjYG69CgsUwdBoBdrZULR70OECjnLsGDoh9d4xg8CqaCfctfeftBpol6BC~-L3CTWCWaU143O8rzhmEyWAo~HlXMLmKB815KWCaw6eyBAyiShHxgrgxtPpgMZllRmsm9Om2Awh64~yX-bUtuMz4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1440407563&Signature=TO2fxkug0C81KGNO6uPB~-pSx7r8WQibUcx~yAxj9wY5L3~7erypErccnUkX-hOjbUTVKwENr6XY4Pfga7vouyC1MMKVw8TymIBHosDrTw8nBOfmKHnHssgh1ljg6xjoJX0lduN7p23Zz51IsGDKCDqW2VBgeMiAtdOcKBS5C5c_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://inndl.com/download.php?version=010914&domain=glary-utilities&name=Glary Utilities&icon=aHR0cDovL3NjcmVlbnNob3RzLmZyLnNmdGNkbi5uZXQvZnIvc2Nybi82NTAwMC82NTM2OC9nbGFyeS11dGlsaXRpZXMtMTgucG5n&ss=http://screenshots.fr.sftcdn.net/fr/scrn/65000/.../glary-utilities-5.png?key=api&url=aHR0cDovL2Rvd25sb2FkLmdsYXJ5c29mdC5jb20vZ3VzZXR1cC5leGU=&os=&lang=fr_FR&desc=T3V0aWwgZGUgZGlhZ25vc3RpYyBldCBkZSByJmVhY3V0ZTtwYXJhdGlvbiBkZSB2b3RyZSBvcmRpbmF0ZXVy&gclid=1

http://www.filepuma.com/file/1398773846c5619/glary_utilities_4.10.0.100/.../0/

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1475832021&Signature=dvxexrGltTkQFuURZ6UkUOmkdCnSP3dOjqqhlBCdRJlCLM8Sq7Utdg0e~UJd81ngjUXUizcblO5cZxQBAYu11gxlG46FxUVF49y6ez6zQsapxkBbWoszwqWPxgOmsbe6cWV7dks-rMB2L01G7NYd2x74sUNkYnNalfC1SQx3exo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1470807665&Signature=H5CgoPO~NDHAGw4FzJxR--gH3p8AAuZb8uTAy0-qk~8BOS8z2Yk7ZvVuaZLJu5V70vNxDNqH2UZmP4X~k9iSxcrS5eemxpGQIxw55jTpDoG3ayQWlXRJp55Oulk0kN~R-LRSVFs8q3KNMjRUhlelc58FyCsLB-VMtzdXBydNJZM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://www.filepuma.com/file/1399814499c5619/glary_utilities_4.10.0.100/0/.../

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_en&type=PROGRAM&Expires=1450015444&Signature=Ako0PP4QMwAKLnz-uuh15wRCmTe8cdzMxM~Pk5hHa5TtQVSGqvdJDlKvAT9bKN1bZ84v-s6hMUla5IDKBuuzz8gKuwqtD4LytfgyMW~EV7gbky-0qbFSaplXCABBpMIbasc5JVvVQRxVME5oshmAkXi9LhjLAqnS~uoP53L3Z5I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1439291799&Signature=Q4nI4pXBksRWGC2T5H008ZLCsnBoDyOlIgu7-DsxURYJW0I1-qNqtjs6Gw4d~Egh-yJXaxa9s6yLqPhgVXY15gSla2wQ3N5n~ZHCuxyFVpRSK2cOffnLbGR~o~7CvFyE8bwFyb10-ebW4ZIg18VlfGsUiJqpnJgepMUPZk4iF6I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1480591710&Signature=D4XzqMVEP86HMIZb9qs9PPlsT9h9mSHrrycKc0fhRGZ3g6TX05yUT9Trp7kg7hPGa9PVYc-sbbq2Hd5YYzS4HadqYUgGAN38GM1es3YPyt2RYuJQ5EM3eUkEaNrLMnLrPUrVZ2t2JoOagrafixmFlxO0ozgpzgiBmcsItpqIgGA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_br&type=PROGRAM&Expires=1465850085&Signature=SREAxHVNjgbik6QsI5~pP6IO60-TUN2ttscBvRASPwX0wX2lO-gMMyys2yIXpqmmHYzKXlqNn58WQ3MRMGDpdg-946RTE1YHq4jVaDss6YOO1UUvVqH7-prLCIiraum84GYamhLDP4M1SsajMWKsvwfVXWp1VLBJ7v0v~Aon1Vo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://www.filepuma.com/file/1399368796c5619/glary_utilities_4.10.0.100/0/.../

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_fr&type=PROGRAM&Expires=1478925396&Signature=PjP~bsSrFe-hdmKxNogQ4cbCFmKaEytC9yG25ZD-6tMU03O4AqInEiUrFr0AbGC0O4YevYLfsLL6IKMMbofYMpqfa4xaWcqvH55ypi4tvPBMxDUWCaW0BgpVsyi2u43X1gSM1bW-HLMa3g2gzKDO74LbNYn7-idYYH4HBNv7DtI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_en&type=PROGRAM&Expires=1478146844&Signature=f9M4ogA7dKTPojfzYF-p3RxwIb3c8g-jPIJg3AuuCFmdK~b7qDgVdpmKjWMlMaI9R20nAYisHR~MDBUQOFOTAtwh0Tutj1YeVNDDp6a766suU2q5K6nO8KmaEESDaSWgqqmGveM1WUvs-Z5~PNT1GHsaqIGuVXsAETPUl2Uaj3k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1477517894&Signature=WkOHvfDqEKgS7cTP6GgjjXaLSAoZJ3MsfBsctP1SapEqlbH2-bnyiKNKcZGqp~l-JlxdSqJmxKOkjO~Wzgm3xsp5HHVjOzUfMt2FzJi7HlshYlx4E6lPRayn4RDicS57iK3LY-zqkV-FJStOK0oHbyRh7n~GxA-DWuyl3kMu7yw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_es&type=PROGRAM&Expires=1477885928&Signature=RuHT~Pw3-PhN0G6iRkm2ZJpfZPL7LuZk7soM5UswAP3s5LCCJkC1fu5pldyCFvzaI8QxkqGWnCHSyGOrpnI5wm~qQjVVlooyicMzVS8Cb4w~~NBGqoJCTFI1pLnGYfKl3SYhlPvqaz4dV3AnrlhVK~cGfWSuFf3lgwXOaguzPco_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

http://gsf-cf.softonic.com/c96/bf4/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=65368&instance=softonic_fr&type=PROGRAM&Expires=1477664051&Signature=Jy6NIohycnaHh-349NwY72iQDsbZaaLK3AemKuoxsFLbUwVOmc6zl~VlltYvvGhhan515ldcdy4f-Fjy6KxyZBLluBcps2BIg8SCcc6uj--dP~SQVOq-IJakqC9clAjpVb3bH9aOWu3TZMENDsanOv7VRi6GesYkRYxgfx49skc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gu4setup.exe

Latest 30 of 381 download URLs

Scan gu4setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.