home

sframe.exe

Gala Lab Corp.

Publisher:
Gala Lab Corp.  (signed and verified)

MD5:
439f390e0e18084ea13732ba9b1cf5d9

SHA-1:
056623e9ab5dac7732f8a9dc9fd264127e7b1c9a

SHA-256:
870e7fcf1e19a2d382c4b00cc262fd94cdef46556e68313c724a7f25436857ca

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:46:51 AM UTC  (today)

File size:
3.9 MB (4,091,536 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\sframe.exe

Digital Signature
Signed by:
Gala Lab Corp.

Authority:
Thawte, Inc.

Valid from:
8/23/2012 2:00:00 AM

Valid to:
8/24/2014 1:59:59 AM

Subject:
CN=Gala Lab Corp., OU=Tech Support Headquarters, O=Gala Lab Corp., L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0DF9EE3CFBC6D8DEE0777F9263CE06DF

File PE Metadata
Compilation timestamp:
9/18/2012 7:59:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:xqCN7G4lz6LXVefr/wG2uvqnlBNCr0ZUV2hNEadIIZzeS4lEViO18+4:xBA4lswRvcP0oZUoIadIYzJcEVi+4

Entry address:
0x1000

Entry point:
68, 01, 90, DD, 00, E8, 01, 00, 00, 00, C3, C3, 6E, 73, 57, 32, B8, 96, DE, 8F, FE, 7B, 73, DD, 5C, 8B, D1, DD, B1, 0E, E4, 99, BA, C0, 30, E3, 2A, A6, 06, A3, 44, E1, 1A, C2, 3F, 3D, 80, F3, 29, 7B, E3, 8C, 39, CB, 54, B2, 7A, E7, B4, DF, 28, 45, 25, 7B, BC, 70, 83, 91, 0B, FC, 3C, 26, 5B, C0, 8E, E1, 08, 5F, A8, E2, F1, 16, 1F, 95, DA, BB, 0F, 55, C0, 0E, D9, AD, E4, 95, AB, 7F, 2B, E1, DA, C8, E4, 62, 0D, 31, DA, 3E, CC, 42, 76, E3, E0, EF, BF, 9E, C6, 13, 24, AC, 33, B3, 19, 3C, 02, A8, E5, FF, D8, 7F...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
6.4 MB (6,709,248 bytes)

Scan sframe.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.