GIFAnimator.exe

Microsoft GIF Animator

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-14-4k-docs.googleusercontent.com and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Microsoft® GIF Animator

Description:
Microsoft GIF Animator Application

Version:
1.0.0.101

MD5:
361e4f118fe3cb9fe5a439e96f2a3982

SHA-1:
3b72c8a1d9931632a7aa2e4af77b2d3261337531

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 6:27:28 PM UTC  (today)

File size:
525 KB (537,600 bytes)

Product version:
1.0.0.101

Copyright:
Copyright © 1996 Microsoft Corporation. All rights reserved.

Original file name:
GIFAnimator.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\documents and settings\luis\escritorio\gifanimator.exe

File PE Metadata
Compilation timestamp:
1/14/1997 8:07:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
4.20

CTPH (ssdeep):
6144:riCqglXGPq7pkJ7PQXdtHOzLGkDHW4ESoGOwu1Tmi3l3e7X9KY9kW5/:JjpkJUXdtHOeghCTRl36KY+W5

Entry address:
0x1FF90

Entry point:
64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 40, 1F, 45, 00, 68, 98, 49, 42, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, BC, 89, 46, 00, A3, 54, 14, 46, 00, 33, C0, A0, 55, 14, 46, 00, A3, 60, 14, 46, 00, A1, 54, 14, 46, 00, C1, 2D, 54, 14, 46, 00, 10, 25, FF, 00, 00, 00, A3, 5C, 14, 46, 00, C1, E0, 08, 03, 05, 60, 14, 46, 00, A3, 58, 14, 46, 00, E8, 9A, 36, 00, 00, 85, C0, 75, 0A, 6A, 1C, E8, 3F, 01, 00, 00, 83, C4, 04, E8, 17, 28, 00, 00, 85, C0, 75, 0A, 6A, 10, E8...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v4.2

Code size:
297.5 KB (304,640 bytes)

The file GIFAnimator.exe has been seen being distributed by the following 4 URLs.

https://doc-14-4k-docs.googleusercontent.com/docs/securesc/4bmdfahl6q6dp4jegc63ek680ftj4kud/tsc3f6gibakucdtv777mtsbl837a7qs0/1477836000000/06717282610443597400/.../0ByYbtMCCyYT3U0ZtaC1XZHI4dWc?e=download

https://tecnojct.milaulas.com/mod/.../view.php?id=1850

Scan GIFAnimator.exe - Powered by Reason Core Security