home

giljabiunis.exe

LG Intelligent Update

LG Electronics Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from lgsiu.lge.com and multiple other hosts.
Publisher:
BIT LEADER  (signed by LG Electronics Inc.)

Product:
LG Intelligent Update

Version:
3.00.0002

MD5:
879bbee553e5f795ea2354d3d4bfb8c9

SHA-1:
40b1553b7b96d8fa82e9cfc5cc5af278aa73a917

SHA-256:
a6082eb3e46ad3a231946bb59e0a3b7b9b93a641c9d1191085b84ec241be4981

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/30/2024 10:03:08 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Agent
7.1.1

McAfee
Artemis!879BBEE553E5
5600.7240

Trend Micro House Call
TROJ_GEN.R42B1KA
7.2.24

File size:
41.3 KB (42,288 bytes)

Product version:
3.00.0002

Original file name:
giljabiunis.exe

File type:
Executable application (Win32 EXE)

Language:
Korean

Common path:
C:\Windows\System32\giljabiunis.exe

Digital Signature
Signed by:
LG Electronics Inc.

Authority:
VeriSign, Inc.

Valid from:
8/10/2007 2:00:00 AM

Valid to:
8/25/2008 1:59:59 AM

Subject:
CN=LG Electronics Inc., OU=Engineering Dept. DID Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LG Electronics Inc., L=Kumi, S=Kyoungsangbuk-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
103D387EAFDB9D10D9D61AEAF4A77090

File PE Metadata
Compilation timestamp:
7/14/2008 10:30:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:PxgzKrFpAmRlDkyrAskdzxfO7Ijyf+rdxum8boKhD5Lnbi:puKLLdrlmzTyf+sP15Xi

Entry address:
0x113C

Entry point:
68, B8, 13, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 1E, E9, ED, 02, E6, EC, 6E, 49, 80, 6E, B8, F0, 00, 85, F7, 6C, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, E0, 41, 45, 01, 67, 69, 6C, 6A, 61, 62, 69, 6B, 69, 6C, 6C, 00, 5C, E3, 45, 01, 00, 00, 00, 00, 50, 00, 00, 00, 80, AE, 5F, 1B, C4, 3C, FC, 49, 9E, A0, F1, 3F, E2, 1D, F5, 22, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
28 KB (28,672 bytes)

The file giljabiunis.exe has been seen being distributed by the following 5 URLs.

http://lgsiu.lge.com/auto_three_new/ELBRUS/0009/data/.../giljabiunis.exe

http://lgsiu.lge.com/auto_three_new/PEPER/0009/data/.../giljabiunis.exe

http://lgsiu.lge.com/auto_three_new/COLUMBIA_SROSA/0009/data/.../giljabiunis.exe

http://lgsiu.lge.com/auto_three_new/MANASLU/0009/data/.../giljabiunis.exe

http://lgsiu.lge.com/auto_three_new/FORAKER/0009/data/.../giljabiunis.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.