home

qGNA.exe

QGNA

Syncopate LLC

The application qGNA.exe, “GameNet Application” by Syncopate has been detected as a potentially unwanted program by 11 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler named GameNet triggered to execute each time a user logs in.
Publisher:
GGS  (signed by Syncopate LLC)

Product:
QGNA

Description:
GameNet Application

Version:
1,1,272,0b68c6fecf86994b627761d819471a97296170a3

MD5:
8be3d64c9693e5d367dae156953835b4

SHA-1:
18a7731d9bd51eef105529e8a76d1cc0e8516438

SHA-256:
2d9aa2cd43d46efe534abe5d0871da408750bb49640bbc5e9f6c21f5dc8c1147

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 4:27:17 PM UTC  (today)

Scan engine
Detection
Engine version

Bitdefender
Gen:Variant.Strictor.79481
1.0.20.160

Bkav FE
W32.HfsAdware
1.3.0.6379

Emsisoft Anti-Malware
Gen:Variant.Strictor.79481
8.16.02.01.02

F-Secure
Gen:Variant.Strictor.79481
11.2016-01-02_2

G Data
Gen:Variant.Strictor.79481
16.2.25

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.8.6.0

McAfee
Artemis!ABDFB6E186F4
5600.6502

MicroWorld eScan
Gen:Variant.Strictor.79481
17.0.0.96

Qihoo 360 Security
Malware.QVM10.Gen
1.0.0.1015

Reason Heuristics
PUP.Syncopate (M)
16.2.1.13

Trend Micro House Call
Suspicious_GEN.F47V0314
7.2.32

File size:
587.3 KB (601,416 bytes)

Product version:
1,1,272,0b68c6fecf86994b627761d819471a97296170a3

Copyright:
Copyright(c) 2010 - 2013

Original file name:
qGNA.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Syncopate LLC

Authority:
VeriSign, Inc.

Valid from:
10/10/2011 3:00:00 AM

Valid to:
10/10/2013 2:59:59 AM

Subject:
CN=Syncopate LLC, OU=ITS, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Syncopate LLC, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
78E5035A17AF0AFF9980218BF7356920

File PE Metadata
Compilation timestamp:
2/7/2013 11:12:43 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:UKqqe3iUHNOOOOOOOOOOOOOOOOOOOOOOOOOOOOO0OOOOOOOOOOOOOOOOOOOOOOOX:UKI+x

Entry address:
0x2DF9C

Entry point:
E8, 4F, 06, 00, 00, E9, 1C, FD, FF, FF, 8B, 00, 81, 38, 63, 73, 6D, E0, 74, 03, 33, C0, C3, E9, D4, 06, 00, 00, 6A, 14, 68, F0, 23, 45, 00, E8, 4C, 05, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 88, 06, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 42, 05, 00, 00, C2, 10, 00, 6A, 0C, 68, 10, 24, 45...
 
[+]

Code size:
241 KB (246,784 bytes)

Scheduled Task
Task name:
GameNet

Trigger:
Logon (Runs on logon)

Description:
AUTORUN_TASK_DESCRIPTION


Remove qGNA.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.