home

webgate

MD5:
38529b1fc6ac2c6fc1af8a3ec8bfa20b

SHA-1:
95d7c6c49cff03b6f90e585f1bf76328824481ed

SHA-256:
b8229faa0196204acdad24ae72ef09cee5bf329d38286eb614da3aada58fbb5f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:58:45 PM UTC  (today)

File size:
5.1 MB (5,346,304 bytes)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\{random}\webgate

File PE Metadata
Compilation timestamp:
7/25/2012 12:02:21 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:AP6wdVaD+RqaVt8qUtGuzj8csybvAVVP2jrS1yeWdPy690n:AP9dVW+RqaVt8qUtGuzj8csybvAVVP24

Entry address:
0x5B5B0

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 83, FA, 01, 49, 8B, F8, 8B, DA, 48, 8B, F1, 75, 05, E8, 5F, 05, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 33, FE, FF, FF, CC, CC, CC, 40, 53, 48, 83, EC, 20, 41, 8B, 00, 48, 8B, DA, 4C, 8B, C9, 44, 8B, D8, 4C, 8B, D1, 41, 83, E3, F8, A8, 04, 74, 13, 41, 8B, 40, 08, 4D, 63, 50, 04, F7, D8, 4C, 03, D1, 48, 63, C8, 4C, 23, D1, 49, 63, C3, 4A, 8B, 14, 10, 48, 8B, 43, 10, 8B, 48, 08, 48, 03...
 
[+]

Entropy:
6.3900

Code size:
2.8 MB (2,949,120 bytes)

The file webgate has been seen being distributed by the following 2 URLs.

https://dealerdaily.toyota.com/

https://dealerdaily.lexus.com/

Scan webgate - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.