home

easysgif.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-10-ao-docs.googleusercontent.com.
MD5:
9e3f204d5c01a36ba25f5eb1284a48d3

SHA-1:
cad1b4612f837b260e4ecbd2c3febf6b307fdde2

SHA-256:
24c4df275a118bf0018c76859cf678233a4df159b2857ffcae8cc7e44236b27f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 7:33:42 PM UTC  (today)

File size:
3.1 MB (3,234,304 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\easysgif.exe

File PE Metadata
Compilation timestamp:
6/19/1992 10:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:TNF9nh3cuq9TUBnMy/6P0vkN7N63Irr1XIbJepitmFda6VHxFHHnqy1HF:TF6NvcI7N6gRTcOda4HxFHHn11HF

Entry address:
0x17D0A0

Entry point:
55, 8B, EC, 83, C4, F0, B8, 18, CB, 57, 00, E8, EC, 96, E8, FF, A1, 20, 49, 58, 00, 8B, 00, E8, F4, C7, F0, FF, A1, 20, 49, 58, 00, 8B, 00, BA, 58, D1, 57, 00, E8, DB, C3, F0, FF, 8B, 0D, 14, 4C, 58, 00, A1, 20, 49, 58, 00, 8B, 00, 8B, 15, 44, FF, 50, 00, E8, E3, C7, F0, FF, 8B, 0D, 20, 49, 58, 00, 8B, 09, B2, 01, A1, F8, C3, 57, 00, E8, 57, 4E, F0, FF, 8B, 15, 3C, 49, 58, 00, 89, 02, 33, C0, 55, 68, 38, D1, 57, 00, 64, FF, 30, 64, 89, 20, A1, 3C, 49, 58, 00, 8B, 00, 8B, 10, FF, 92, EC, 00, 00, 00, 33, C0...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 MB (1,556,992 bytes)

The file easysgif.exe has been seen being distributed by the following URL.

https://doc-10-ao-docs.googleusercontent.com/docs/securesc/ocjced7vuf74i5iciv06bejp8i0uo8af/nal9ltfa2hj1sn8pqbugbegblpkl459t/1425556800000/.../09180929258366761335/0BxIDhT6Q9_3VZzJ3d1piZF9lczA?e=download

Scan easysgif.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.