home

GyStation.exe

Gyazo Station

Nota Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Gyazo’.
Publisher:
Nota Inc.  (signed and verified)

Product:
Gyazo Station

Version:
1.0.1.0

MD5:
b6ef24044dd4794240e914ab4cdb255b

SHA-1:
4a8f77bd891e24585b4fbf00b26945e94c2d876e

SHA-256:
96fb13f26538b47345dc51f5bf89f29f2ac292c096ee83ce7f0a45f464a5642a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 5:40:03 PM UTC  (today)

File size:
2.9 MB (2,993,376 bytes)

Product version:
1.0.1.0

Copyright:
Copyright Nota Inc. All rights reserved.

Original file name:
GyStation.exe

File type:
Executable application (Win32 EXE)

Language:
Japanese (Japan)

Common path:
C:\Program Files\gyazo\gystation.exe

Digital Signature
Signed by:
Nota Inc.

Authority:
GlobalSign nv-sa

Valid from:
6/7/2013 2:52:39 PM

Valid to:
6/8/2014 2:52:39 PM

Subject:
E=contact@notaland.com, CN=Nota Inc., O=Nota Inc., C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11211CCA17AB4F243DDF50D9F9212A1F92EA

File PE Metadata
Compilation timestamp:
4/23/2014 11:40:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:RbnwJ9Y04tTvFhq+auAzn/D5FcS4NKFZw9CPRVe71ufIAoj9ghi1RebpyTIg9Cbn:RwJ14t5hq+RAj/DncSSKFxVK1ufIAojc

Entry address:
0xF7C1E

Entry point:
E8, 25, 6A, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 8B, D0, 66, 8B, 08, 83, C0, 02, 66, 85, C9, 75, F5, 66, 8B, 4D, 0C, 83, E8, 02, 3B, C2, 74, 05, 66, 39, 08, 75, F4, 66, 39, 08, 74, 02, 33, C0, 5D, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 85, F6, 75, 04, 33, C0, EB, 61, 83, 7D, 08, 00, 75, 13, E8, 99, 10, 00, 00, 6A, 16, 5E, 89, 30, E8, F1, 6B, 00, 00, 8B, C6, EB, 48, 83, 7D, 10, 00, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 99, 4B, 00, 00, 83, C4, 0C, EB, C7, FF, 75...
 
[+]

Entropy:
7.0420

Code size:
1.1 MB (1,162,240 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Gyazo

Command:
C:\Program Files\gyazo\gystation.exe


Scan GyStation.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.