NewGD_Setup_1.0.2.0.exe

GalaxyDiagnostic

Samsung

This is a self-extracting archive and installer. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘C:\Users\Samsung 300E\Downloads\NewGD_Setup_1.0.2.0.exe’. The file has been seen being downloaded from skp.samsungcsportal.com and multiple other hosts.
Publisher:
Samsung

Product:
GalaxyDiagnostic

Description:
This installer database contains the logic and data required to install GalaxyDiagnostic.

Version:
1.0.2.0

MD5:
d98482aefa9d4d0c86837487cf1e9c74

SHA-1:
25b4068a004c07bf08b2717385f15bc89b2adb6a

SHA-256:
cfd9150979716344a0a994b42d14d8663cf1c0ec36e5143bd96c0d776665e084

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 3:37:22 PM UTC

File size:
141.6 MB (148,434,771 bytes)

Product version:
1.0.2.0

Copyright:
Copyright (C) 2016 Samsung

Original file name:
NewGD_Setup_1.0.2.0.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\newgd_setup_1.0.2.0.exe

File PE Metadata
Compilation timestamp:
3/23/2016 6:36:36 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
3145728:cQ5dymsTU1jl5MetB28jcOJZDWboeBkSjobmsUQC0mjN6QbstcHznb9Jo:cQjfMU1p5FN5WiS86RQCoYs0nbI

Entry address:
0xD2BA3

Entry point:
E8, 53, 06, 00, 00, E9, 80, FE, FF, FF, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, 9A, 07, 00, 00, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, 84, 07, 00, 00, FF, 25, 90, 62, 51, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, F2, C3, 8B, 4D, F0, 33, CD, F2, E8, 7B, F4, FF, FF, F2, E9, DA, FF, FF, FF, 8B, 4D, EC, 33, CD, F2, E8, 6A, F4, FF, FF, F2, E9, C9, FF, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44...

Code size:
1.1 MB (1,132,032 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
C:\users\{user}\downloads\newgd_setup_1.0.2.0.exe

Command:
"C:\users\{user}\downloads\newgd_setup_1.0.2.0.exe" \exenoupdates \exelang 1046 \prereqs "0,1"


The file NewGD_Setup_1.0.2.0.exe has been seen being distributed by the following 2 URLs.

http://skp.samsungcsportal.com/basis/.../attachDownload.skp?attachFileSeq=31f8a7e4969f3f775f6743639c82d712
