» gbooks.exe
Overview
Analysis
File Details
Downloads (26)

gbooks.exe

Google Books Downloader

GBOOKSDOWNLOADER.COM

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.tamindir.com and multiple other hosts.

File name:

gbooks.exe

Publisher:

GBOOKSDOWNLOADER.COM

Product:

Google Books Downloader

Description:

Google Books Downloader Setup

MD5:

22e53eb07f6aa63cce49ad2a35acd137

SHA-1:

cc6a3ab9be9b74b81eab63d932224df97f49563b

SHA-256:

6e8bca82f9c80cde43886e1527f121f46d7225decd7ccc35f6cec95715b821dd

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/25/2024 3:56:33 AM UTC (today)

Scan engine

Detection

Engine version

Kaspersky

UDS:DangerousObject.Multi.Generic

14.0.0.989

Rising Antivirus

PE:Adware.InstallCore!1.A30C [F]

23.00.65.151209

File size:

590.2 KB (604,395 bytes)

Product version:

2.6

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

File PE Metadata

Compilation timestamp:

6/20/1992 6:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:CQiGBuKK5JOg7kfYC031Qk0eOoiRl7q3C8pJth:CQiMuKKHxkfYC03n7ol7uh

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9543

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file gbooks.exe has been seen being distributed by the following 26 URLs.

http://www.tamindir.com/indir/MjAxNi0xMi0yNyAxODo1NDo1Ng==/google-books-downloader/windows/.../

http://www.ranchsendgift.com/oji0qrJgNXKn97ioMuoS9viMe11yNLRP lq WUOJOTYv7UtclUWeX_qSn9j S9AaeL71y4IT1GAfQCnqiOw0wTS1kLqfgy7l1Vsmwe3_ylWtEm2pW PF0h98YXsgmoT_Sdv2QvvSlxyy3YcFSJOq3BL3jP86zLeJwQWq4cgJ3JL1cS33vjom0GhVmcNjSVBiBndeA wzhdlywYGmVYAiS2hCQ10 1A==-GykAAAQZcmipfXkUOOSA_askDCzYGDtLEGzkN2b8FkU56xJ4HA==

http://www.ranchsendgift.com/eKspYN30S9dM2SIyb1bJzxQgsv6Yy cFbyxvSf0N6cKyU8fDmHg9m5egCvk6tj7PkLMvzC2nTR6FaBLvFTtCzV6DopogrxVxH1wpRvx3PeD5oZupB9Jbn AswzSQMnkCveU3GxlPTrmbXYUP_SBMvzC90nQ6BOyfvFtkzwrmnQq3PhSGL6bvarpniamsCfXA91KQ0JnTfNUSnaezvugKhPJnvTFxTw==-GykAAAQZcmipfXkUOOSA_askDCzYGDtLEGzkN2b8FkU56xJ4HA==

http://software.thaiware.com/download_url.php?id=925

http://www.techspot.com/downloads/downloadnow/.../?evp=6c8065dabaf305a1353b22f5790fdf53&file=1

http://pc-bullet.com/download.php?go=2&file=51&mirror=107

http://www.techspot.com/downloads/downloadnow/.../?evp=a32132e834c9f8abb9229bd16aa99a3a&file=1

http://www.lo4d.com/get-file/google-books-downloader/.../

http://gbooksdownloader.com/gbooks.exe

http://www.lo4d.com/get-file/google-books-downloader/.../

http://www.ranchsendgift.com/Naz6ih0mTr406L9vlPBtjM YijAgm9K64DWRTsqBtYE3iLdBTYzFy_2I7pHU0T9Nnz_zFrg0Sj seVTwANsH5bTOblbV7hhNjhqOjklkFu7tRVjOjF40x2Qqpku1k9DLSXiNbtrcmHhbiCrddW1klgesXeugBO_rA1oe4pj5N16QBzkKK2szT2hcyx c5jw6o71f9LE2yR7_gaidQa36gMq5nfKXGw==-GykAAAQZcmipfXkUOOSA_askDCzYGDtLEGzkN2b8FkU56xJ4HA==

http://www.lo4d.com/get-file/google-books-downloader/.../

http://www.gbooksdownloader.com/gbooks_latest.exe

http://www.lo4d.com/get-file/google-books-downloader/.../

http://dc588.4shared.com/download/.../gbooks.exe

temp:gbooks.exe

http://download863.mediafire.com/1s9qds7mx0zg/.../gbooks.exe

http://download1744.mediafire.com/be8dd195iw8g/.../gbooks.exe

http://google-books-downloader.software.informer.com/.../

http://download.freedownloadmanager.org/Windows-PC/.../FREE-2.5.html?ac477bb

http://google-books-downloader.soft32.com/get/file/id/.../?no_download_manager=true

http://www.techspot.com/downloads/downloadnow/.../?evp=4513f167728d1364d6c4636ef93c7de6&file=1

http://www.gbooksdownloader.com/gbooks.exe

http://download-codeplex.sec.s-msft.com/.../Release?ProjectName=googlebookdownloader&DownloadId=1427613&FileTime=130941566095400000&Build=21031

Scan gbooks.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.