gyazo-1.0.exe

Gyazo

Toshiyuki Masui

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Toshiyuki Masui

Product:
Gyazo

Description:
Gyazo Setup

MD5:
f70d8a0c75e0557d95c5cb17c0140299

SHA-1:
62c25ff09cdfb2af08ce70da7e951276ae4fab62

SHA-256:
576ad5270dc1a1458f5df1f3dd43314717f390e2dd4cc7b2b9ef0680c213fd07

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
10/23/2017 3:45:35 AM UTC

File size:
1.5 MB (1,552,078 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\gyazo-1.0.exe

File PE Metadata
Compilation timestamp:
9/16/2010 12:29:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:TPci/daVeYetcjzW9G6XH4HJ+96WePdkagK91pH9jF6kvCUIODWkUM:rcyaitIzW1HSAMrk9IpdjYeCzCW1M

Entry address:
0x16450

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 18, 56, 41, 00, E8, E4, 03, FF, FF, 33, C0, 55, 68, 1D, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D9, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, DE, EF, FF, FF, E8, 85, EB, FF, FF, 8D, 55, EC, 33, C0, E8, 9F, 87, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, 1A, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
85 KB (87,040 bytes)

The file gyazo-1.0.exe has been seen being distributed by the following 12 URLs.

