home

gomplayersetup_2.3.3.5254_20160609_clean_external.exe

GOM Player

Gretech Corporation

This is a setup and installation application. The file has been seen being downloaded from download.thaiware.com.
Publisher:
Gretech Corporation

Product:
GOM Player

Description:
GOM Player Setup File

Version:
2.3

MD5:
0206693f0865347e52532454600a716a

SHA-1:
3fbc563ba4ad94df9dda2b5503e4460c6caa6505

SHA-256:
3698da3f9e4f881246a35fea485b6fdba62959f51c5f72be6b1a273c48fc15f2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 1:56:16 AM UTC  (today)

File size:
14.8 MB (15,557,028 bytes)

Product version:
2.3.3.5254

Copyright:
Copyright(C) Since 2003 Gretech Corporation.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\gomplayersetup_2.3.3.5254_20160609_clean_external.exe

File PE Metadata
Compilation timestamp:
4/4/2016 3:19:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:ZaVUw+y9EE367HjALAfary/iY0amYJCwndG9JdQ+Lfa+GGZvNNvWWfKTXMK:ZaVL+WEALAfoyqYqVodGRi9GnBjiTX

Entry address:
0x33B6

Entry point:
0F, AF, D6, 02, D7, FE, CB, 53, BA, 91, 2F, 7A, 9A, 43, F2, B9, 73, CF, EB, D1, C6, C5, 56, FE, C5, 1D, E6, 1F, A2, C9, FE, C6, 81, F3, 04, 19, 00, 00, F6, C1, 22, FF, C8, 12, C3, 3B, EA, 69, F8, 85, 83, 04, E8, 8D, 2D, 28, A9, C0, 51, 87, F6, B9, 6C, D0, D3, 3B, 68, 8C, 9C, 4C, 00, 68, 08, 00, 9B, 00, 35, 28, B7, F8, 92, E8, 20, 00, 00, 00, 42, 14, DA, C7, C2, 9E, 98, 0E, E5, 87, DA, 8A, E6, F2, 0F, B7, FA, 81, E9, A4, 7A, 00, 00, 0F, BF, D8, 81, C1, 16, 01, 00, 00, 87, C1, 85, E9, 73, 02, 84, CE, 0F, AF...
 
[+]

Entropy:
7.9995  (probably packed)

Code size:
24.5 KB (25,088 bytes)

The file gomplayersetup_2.3.3.5254_20160609_clean_external.exe has been seen being distributed by the following URL.

http://download.thaiware.com/.../GOMPLAYERSETUP_2.3.3.5254_20160609_CLEAN_EXTERNAL.EXE

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.