GWX_control_panel.exe

GWX Control Panel

Josh Mayfield

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘GwxControlPanelMonitor’.
Publisher:
UltimateOutsider  (signed by Josh Mayfield)

Product:
GWX Control Panel

Description:
GWX Control Panel - Closes and configures the 'Get Windows 10' system tray application.

Version:
1.7.0.3

MD5:
c573310fc17239a8ae34cf44338ad8b7

SHA-1:
3f3c598dac37cffe9ed5bdb4cd865dc630c7ae77

SHA-256:
8b5de487fd88e22cb4c0ce0a60997cb74d3c5b73fce6b51ac1bafc708ee9a7f9

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 3:15:37 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
W32/Ramnit.A
7.11.30.172

File size:
4.3 MB (4,522,056 bytes)

Product version:
1.7.0.3

Copyright:
(c) 2015, Josh Mayfield/Ultimate Outsider. All rights reserved.

Original file name:
GWX_control_panel.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ultimateoutsider\gwx control panel\gwx_control_panel.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
1/19/2015 1:00:00 AM

Valid to:
1/20/2016 12:59:59 AM

Subject:
CN=Josh Mayfield, O=Josh Mayfield, STREET=16958 NW Cove Ct, L=Portland, S=OR, PostalCode=97229, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
21EE4D19B5C3ACB45C47E786060905CD

File PE Metadata
Compilation timestamp:
1/5/2016 6:56:51 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:fg/iqex/vZyBlGJR/jfL23VK4CNtnedcpR5y+X3gCWFLOAkGkzdnEVomFHKnPq:YcQ4TTnedcpaAgCWFLOyomFHKnPq

Entry address:
0x135564

Entry point:
E8, 46, 98, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 30, 94, 62, 00, 75, 02, F3, C3, E9, D1, 33, 00, 00, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 70, 73, 63, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, BC, 94, 62, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 70, 73, 63, 00, 00, 0F, 83, A7, 01, 00, 00...
 
[+]

Code size:
1.7 MB (1,760,768 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GwxControlPanelMonitor

Command:
"C:\Program Files\ultimateoutsider\gwx control panel\gwx_control_panel.exe" \traymode


Scan GWX_control_panel.exe - Powered by Reason Core Security