» qlipso_girafficinstall0.86.126.230.exe
Overview
Analysis
File Details
Programs (2)
Downloads (1)

qlipso_girafficinstall0.86.126.230.exe

GIRAFFIC TECHNOLOGIES LTD

This is a setup program which is used to install the application. The file has been seen being downloaded from docs.google.com.

File name:

Publisher:

Giraffic (signed by GIRAFFIC TECHNOLOGIES LTD)

Product:

Giraffic

Version:

0.86.126.230

MD5:

c31b5defc0b782e01876f56d8656d51f

SHA-1:

7a603d284699efbdb1dbf7c0014415fdecdee052

SHA-256:

209f2592d7cac224e0b6486ad39e36fdd3d520e4af10228b74c42ccb73f12fb9

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 1:05:30 AM UTC (today)

File size:

2.9 MB (3,003,096 bytes)

Product version:

0.86.126.230

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\veoh networks\veohwebplayer\qlipso_girafficinstall0.86.126.230.exe

Digital Signature

Signed by:

GIRAFFIC TECHNOLOGIES LTD

Authority:

Thawte, Inc.

Valid from:

8/31/2011 2:00:00 AM

Valid to:

9/23/2013 1:59:59 AM

Subject:

CN=GIRAFFIC TECHNOLOGIES LTD, O=GIRAFFIC TECHNOLOGIES LTD, L=Tel Aviv, S=Israel, C=IL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

6155249FE650EA33CE3E5967D5BFBFC7

File PE Metadata

Compilation timestamp:

12/5/2009 11:50:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:Mz/r/rZDJtP4RWDvBDxGGWQfzKCGRnS8TtJlw29zeD7J59E:kr/9P4RWDBDk0uCwSWhw2+7i

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Code size:

23 KB (23,552 bytes)

The file qlipso_girafficinstall0.86.126.230.exe has been discovered within the following programs.

Veoh Web Player by Veoh Networks, Inc.

Veoh Web Player bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.veoh.com

48% remove it

Veoh Web Player Beta by Veoh Networks, Inc.

60% remove it

The file qlipso_girafficinstall0.86.126.230.exe has been seen being distributed by the following URL.

https://docs.google.com/uc?authuser=0&id=0B6LKQRaTEBnUMWwyNlVYS1lldm8&export=download

Scan qlipso_girafficinstall0.86.126.230.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.