» gyazo-1.0.exe
Overview
Analysis
File Details
Downloads (12)

gyazo-1.0.exe

Gyazo

Toshiyuki Masui

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

gyazo-1.0.exe

Publisher:

Toshiyuki Masui

Product:

Gyazo

Description:

Gyazo Setup

MD5:

f70d8a0c75e0557d95c5cb17c0140299

SHA-1:

62c25ff09cdfb2af08ce70da7e951276ae4fab62

SHA-256:

576ad5270dc1a1458f5df1f3dd43314717f390e2dd4cc7b2b9ef0680c213fd07

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 4:19:37 AM UTC (today)

File size:

1.5 MB (1,552,078 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\gyazo-1.0.exe

File PE Metadata

Compilation timestamp:

9/16/2010 12:29:23 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:TPci/daVeYetcjzW9G6XH4HJ+96WePdkagK91pH9jF6kvCUIODWkUM:rcyaitIzW1HSAMrk9IpdjYeCzCW1M

Entry address:

0x16450

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 18, 56, 41, 00, E8, E4, 03, FF, FF, 33, C0, 55, 68, 1D, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D9, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, DE, EF, FF, FF, E8, 85, EB, FF, FF, 8D, 55, EC, 33, C0, E8, 9F, 87, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, 1A, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

85 KB (87,040 bytes)

The file gyazo-1.0.exe has been seen being distributed by the following 12 URLs.

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_es&type=PROGRAM&Expires=1435287587&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=ixdIc9Dq8MYoDxpHL1FL6C-Ocp0taasv~GD2CFjgpaZZit44rjVbMqfo5YBJHkl~53-DfYcZNPBz4SWfvEMZ8UO0OiblIKP9dlIkDZEmINC~hcV3gTx9ceyWCuVXS3Ay0NOGdmXDiPfRR6PqwuXAj5-vuAknDz7oS4yMgzSdCig_&filename=Gyazo-1.0.exe

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_es&type=PROGRAM&Expires=1458731936&Signature=NwkjZ-FX9u4HAFtGm5GT0e~27NUY7ivuxWtt5SQ9wT1qIfswN8tvUDjXBDKrX7PQLEMsrgrj53DsUE8fZ-Jpn0AcwB0BNN80PT027DIp8Zhx1bhj9-U4s2AO0t7hvIN-SiR6bRP9giEGo3jS9jSDLOCL5hxHDvHqljCv7vivTn8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Gyazo-1.0.exe

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_es&type=PROGRAM&Expires=1468379999&Signature=R7ZDBJBKUu3iRI9mOpisCAbUVBm8NC8FTKMELvpIfOfmiF2KKEIczapVm2ziYI5BSclsW62dozp1s424lgcY69eaRVgO~ePvoQ82B1-5S6C9m9yonP3SQyve7w6SLrKGf23jbCjeXGiDFEMCs-nrHKeIukgdsJSIircx5tiOECg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Gyazo-1.0.exe

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_en&type=PROGRAM&Expires=1438181658&Signature=QLQo2YABxtZmCgmcfxFYOglRNYoLf2rH41YFn-3NGNkL4PQaTjwuemrhoc848BfG-r3gpo2kupnqFDWb7IXLWs7aOwQlds5iHscGn6ok1Y~I1o-xlGw5cfDyyROcjn5oB~v~WGVL2V4WEJ46lTi1lMnYt8B804jcUZJEeHxnjfU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Gyazo-1.0.exe

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_es&type=PROGRAM&Expires=1478525992&Signature=ZTgYSQ7aPkkM0st1~7F9Sv2AbYTInfMEvBf8X8lgzB~My954tGokFx1Q5q~S7qQAhV4XrFH35tn-65Bnk4Q39qla3W8HY67oRp5vVtHYC7kN7p6MCeoxU2XLz3QNm4oEvae8KxamrbeU-OwDK004nXbaRMzoBZWUhuqSd1QPsaM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Gyazo-1.0.exe

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_en&type=PROGRAM&Expires=1441635871&Signature=R1P6uIAvKTHHkpZ24T5~Ta0Txx3AxwK37V3bZs02YxGVCSzLaZI90akieF9izG3YWu053bBTKq-DK0212fwAgf-82ZUopzc~UWgFeGFuT6yre6SkFPKjor8T6drEgTLt0m4qUWWs5pofTEJRXwgzyoccUYu1BawK1IfSGb07-2o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Gyazo-1.0.exe

http://files.downloadnow.com/s/software/11/88/80/.../Gyazo-1.0.exe

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_es&type=PROGRAM&Expires=1462370513&Signature=JDa7ehTTtzjbLMNlH2mQpralJdc1uYiQOIJhx6vcEcXzEPlY6t~MHiDT7zXXPPs0Jx0S~L~l89vsq-WbPHm9z30iNkKuPLovW6msP0asPe0VwWiJMjdn~xVEMrJuubCjquFcTjv~4FW7YqPntwOP3tYySDAcjZ7S9WqTfjqfKrM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Gyazo-1.0.exe

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_es&type=PROGRAM&Expires=1465121992&Signature=QKgHFN4KRiwkcTkg9mKcq248HYNgDmLmvgY0K0Ips38vyfriEYdGtdJydxGS393ZNoNoZ8kcgWpOjKsCbFmfH~wstCOgracoXAmYofe8kC0~Md1mfWGqoPzAwXrvOsvZBhxLK8UH~uFAMaIgiFN6sATlSK6GjBhyOSpY04yC04I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Gyazo-1.0.exe

http://gsf-cf.softonic.com/62c/25f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=96671&instance=softonic_es&type=PROGRAM&Expires=1448339515&Signature=a4jOqIYgUm7qAgsRkj6hbWEuz8~IMLV-n2QmPXnq0odnHKKjPhVeW9CXsdGJfWPozCWda0Qzw-8lZ9OmklbeKQtLWmCv9TUT2IdAoelEweGK1xVxuSgN60cS0k8r8mGi2Dkjf1J~iE1HyFiXngy0flJNuz2Nds5PM4Z14Pwgrjs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Gyazo-1.0.exe

http://software-files-a.cnet.com/s/software/11/88/80/.../Gyazo-1.0.exe

http://gyazo.s3.amazonaws.com/.../Gyazo-1.0.exe

Scan gyazo-1.0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.