home

geeksn0w_2.9_win.exe

com.blackgeek.geeksn0w_gui

This is a setup program which is used to install the application. The file has been seen being downloaded from download613.mediafire.com and multiple other hosts.
Product:
com.blackgeek.geeksn0w_gui

Version:
1.0.0.0

MD5:
6322a7e8d3b4bfefe9f585beb7d6d4a5

SHA-1:
d8b0f9b0034ae64d68e051e70c47adbea1c0ee12

SHA-256:
0a3647f68d95c5a8a2dfaf9900e5d0f4a50fe5ddac7b74b9f5d350f372a2421e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 1:55:54 AM UTC  (today)

File size:
41 MB (42,991,616 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
com.blackgeek.geeksn0w_gui.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
4/25/2014 5:58:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
786432:5TlGhkcnikYDWtbXM2hUISPpMV/qUnggTlGVxzL:3GhTikr7M2hJW+RqOpGT

Entry address:
0x28A69DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 2E, 86, 5A, 53, 00, 00, 00, 00, 02, 00, 00, 00, 1C, 01, 00, 00, 1C, 80, 8A, 02, 1C, 4E, 8A, 02, 52, 53, 44, 53, 20, C2, 90, 6C, 22, 8C, 26, 4B, 97, 9A, 6F, 9A, D4, 83, FD, FB, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 41, 4E, 64, 72, 65, 5C, 64, 6F, 63, 75, 6D, 65, 6E, 74, 73, 5C, 76, 69, 73, 75, 61, 6C, 20, 73, 74, 75, 64, 69, 6F, 20, 32, 30, 31...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
40.6 MB (42,617,344 bytes)

The file geeksn0w_2.9_win.exe has been seen being distributed by the following 3 URLs.

http://download613.mediafire.com/fv3qvu5i14kg/.../geeksn0w_2.9_win.exe

http://download1609.mediafire.com/33a2sv5ncmkg/.../geeksn0w_2.9_win.exe

http://download1244.mediafire.com/pdadhwsamcrg/.../geeksn0w_2.9_win.exe

Scan geeksn0w_2.9_win.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.