home

geplugin.exe

Google Earth

Google

This is installed with multiple programs including Google Earth and Google Earth Plug-in. The file has been seen being downloaded from bf1.attach.mail.ymail.com.
Publisher:
Google

Product:
Google Earth

Version:
6.2.2.6613

MD5:
21c4cb94b41424d41c8713f4d3a0bd0a

SHA-1:
7ce0fcdec0346cf61f836a76d49e2db722a96748

SHA-256:
8ec275a6f463a58231bcfc39109e406c1140ad4322368dc991ce72e88cc819a2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
10/31/2024 11:04:03 PM UTC  (a few moments ago)

File size:
70 KB (71,680 bytes)

Copyright:
Copyright 2012

Original file name:
GoogleEarth.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\Program Files\google\google earth\plugin\geplugin.exe

File PE Metadata
Compilation timestamp:
4/14/2012 5:22:15 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:jT/45EFApeH6OFygeqc6zavgcEASCE7v7qD1Y:v/XugaOFywfzavsk1Y

Entry address:
0x2B08

Entry point:
E8, 3C, 05, 00, 00, E9, 63, FD, FF, FF, 6A, 14, 68, 38, 4E, 40, 00, E8, 82, 04, 00, 00, FF, 35, A0, 65, 40, 00, 8B, 35, 44, 40, 40, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, E0, 40, 40, 00, 59, EB, 64, 6A, 08, E8, A9, 05, 00, 00, 59, 83, 65, FC, 00, FF, 35, A0, 65, 40, 00, FF, D6, 89, 45, E4, FF, 35, 9C, 65, 40, 00, FF, D6, 89, 45, E0, 8D, 45, E0, 50, 8D, 45, E4, 50, FF, 75, 08, 8B, 35, 48, 40, 40, 00, FF, D6, 50, E8, 6F, 05, 00, 00, 83, C4, 0C, 89, 45, DC, FF, 75, E4, FF, D6, A3, A0...
 
[+]

Entropy:
5.6704

Code size:
9 KB (9,216 bytes)

The file geplugin.exe has been discovered within the following programs.

Google Earth  by Google Inc
Google Earth is a virtual globe, map and geographical information program. Google Earth is simply based on 3D maps, with the capability to show 3D buildings and structures (such as bridges), which consist of users' submissions using SketchUp, a 3D modeling program software.
earth.google.com
3% remove it
Google Earth Plug-in  by Google Inc
The Google Earth plug-in allows you to navigate and explore geographic data on a 3D globe using a web browser. Google Earth is a virtual globe, map and geographical information program.
www.google.com/earth/explore/products/plugin.html
8% remove it
Google Earth  by Google Inc
Publisher's description - “Take a virtual journey to any location in the world. Explore 3D buildings, imagery, and terrain. Find cities, places and local businesses. Google Earth is fully-featured for desktop users with three different versions: Google Earth, Google Earth Pro and Google Earth Enterprise.”
4% remove it
 
Powered by Should I Remove It?

The file geplugin.exe has been seen being distributed by the following URL.

http://bf1.attach.mail.ymail.com/us.f1617.mail.yahoo.com/ya/securedownload?mid=2_0_0_1_2412184_AFzTi2IAAUNeT9Tf9AjyeG0kwQU&fid=Inbox&pid=2&clean=0&appid=YahooMailNeo&redirectURL=http://us.mg6.mail.yahoo.com/neo/.../outage.php?b=_4639&mid=2_0_0_1_2412184_AFzTi2IAAUNeT9Tf9AjyeG0kwQU&fid=Inbox&yid=fedpinedo&nAtt=1&cred=jYlImLjIaLUbX_8oK2xpJKNEKAzSNEd.pKa2_PAL9Q5SaIKUjYxaJy_8fcFibdv_JW_txh3hZvRTFh4DuaCpNgK2RFypVsBl4lSK.BkA3Jfr&ts=1339351038&partner=ymail&sig=y5Ri9hp_Meexk3J5TDDO_w--

Scan geplugin.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.