GiljabiStart.exe

LG LIU

LG Electronics Inc.

This is a setup program which is used to install the application. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘LG Intelligent Update’. The file has been seen being downloaded from lgsiu.lge.com and multiple other hosts.
Publisher:
BIT LEADER  (signed by LG Electronics Inc.)

Product:
LG LIU

Description:
Giljabi Start

Version:
3.0.0.8

MD5:
45799a6ca96f9dbd9d053979bdabc815

SHA-1:
c120bf63744505193dd7cb0cb2489bc6d3ca2f0b

SHA-256:
770348efcec468d26a32b6c56d779a26684981ec4170bcb591d40700ecdf69b9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 10:07:24 AM UTC  (today)

File size:
245.3 KB (251,184 bytes)

Product version:
3.0.0.8

Copyright:
Copyright (C) 2006~2008

Original file name:
GiljabiStart.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\lg_swupdate\giljabistart.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/10/2007 2:00:00 AM

Valid to:
8/25/2008 1:59:59 AM

Subject:
CN=LG Electronics Inc., OU=Engineering Dept. DID Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LG Electronics Inc., L=Kumi, S=Kyoungsangbuk-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
103D387EAFDB9D10D9D61AEAF4A77090

File PE Metadata
Compilation timestamp:
7/17/2008 8:46:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:CDOq1C7YJVUe6bpbUD5G59IV/vrKmBp6a/Dk5FXiGalHQCHFlG1WKasAb9Cjeu6u:8OfYJop94HowGaM5iuRT3kmdcM

Entry address:
0x3A30E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
228 KB (233,472 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
LG Intelligent Update

Command:
"C:\Program Files\lg_swupdate\giljabistart.exe" gilautouc


The file GiljabiStart.exe has been seen being distributed by the following 5 URLs.

http://lgsiu.lge.com/auto_three_new/ELBRUS/0009/.../GiljabiStart.exe