home

gttext_1.4.5.exe

Windows Internet Explorer

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Windows® Internet Explorer

Description:
Win32 Cabinet Self-Extractor

Version:
10.00.9200.16438 (win8_gdr_soc_ie_beta.121108-2200)

MD5:
75f5707ef7139e863228386fdf1251c4

SHA-1:
40d6efa1caea31091001e1608a22ec5f34349916

SHA-256:
86b2aaba554b16142f44d698899d3a102ee617a7317bfb7d49956cee00df2e12

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 1:38:09 PM UTC  (today)

File size:
13.4 MB (14,019,584 bytes)

Product version:
10.00.9200.16438

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
WEXTRACT.EXE .MUI

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\gttext_1.4.5.exe

File PE Metadata
Compilation timestamp:
11/9/2012 8:29:39 AM

OS version:
6.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.10

CTPH (ssdeep):
196608:AjuxDm3Qek/fisOfh/a24DBY/hMdFRp6xNmj7cf8Zq/1+XIkSXKPae3LIf4K3m6:AK03QeqfisMa9FLv6xUA+qWiaPae3sF

Entry address:
0x6897

Entry point:
E8, B5, 03, 00, 00, E9, 0D, FE, FF, FF, CC, CC, CC, CC, CC, 3B, 0D, 0C, 70, 40, 00, 75, 03, C2, 00, 00, E9, 05, 00, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 81, EC, 24, 03, 00, 00, A3, 20, 74, 40, 00, 89, 0D, 1C, 74, 40, 00, 89, 15, 18, 74, 40, 00, 89, 1D, 14, 74, 40, 00, 89, 35, 10, 74, 40, 00, 89, 3D, 0C, 74, 40, 00, 66, 8C, 15, 38, 74, 40, 00, 66, 8C, 0D, 2C, 74, 40, 00, 66, 8C, 1D, 08, 74, 40, 00, 66, 8C, 05, 04, 74, 40, 00, 66, 8C, 25, 00, 74, 40, 00, 66, 8C, 2D, FC, 73, 40, 00, 9C, 8F, 05, 30...
 
[+]

Entropy:
7.9968  (probably packed)

Code size:
24 KB (24,576 bytes)

The file gttext_1.4.5.exe has been seen being distributed by the following 9 URLs.

http://gsf-cf.softonic.com/40d/6ef/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=3348904&instance=softonic_en&type=PROGRAM&Expires=1462222514&Signature=THbMlt0Kg6PDcw1kWzxo3tKQViGzPBPw1ubd0tqgAwymRuh7urKa8bMbO8jFKJ6jVfaWRUe3eiDjFdJKnhkJfYD4k~PbtuEZAvp~jz4UlmMOigfq0n1SwsgUfyOIBPtvV2Ot7I-w4Fe~sFk3gybZfFDYb4DTXXIvzDYn3iA3rgc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gttext_1.4.5.exe

http://gsf-cf.softonic.com/40d/6ef/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=3348904&instance=softonic_en&type=PROGRAM&Expires=1461169404&Signature=VFaNdCN29sWsg5kRWkVDcmLb1HcR7qVJ-kZH6acb0KWLKTRAc7SFIphYnoTTPkl4K6IX03R2XQlkaeIrTWS6n~Ti2vmmm--yXy9llBv7exWA6HYKi41WKONptVTeLLsQCFgzG~PxmHL2wiX~tgiRT0Dxrm-vFes5e-ldEvzHaT0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=gttext_1.4.5.exe

blob:http://sd-web.softonic.com/d2d5b58b-5065-4f0f-9f2e-e817a0570112

http://files.downloadnow.com/s/software/13/00/54/.../gttext_1.4.5.exe

http://gttext.googlecode.com/.../gttext_1.4.5.exe

https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/.../gttext_1.4.5.exe

http://software-files-a.cnet.com/s/software/13/00/54/.../gttext_1.4.5.exe

http://r2.computerbild.de/exec/r2r.pl?m=w-cobi;u=http://d.computerbild.de/downloads/.../gttext_1.4.5.exe

https://gttext.googlecode.com/.../gttext_1.4.5.exe

Scan gttext_1.4.5.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.