home

winguggle23.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from 24f063c2-a-62cb3a1a-s-sites.googlegroups.com and multiple other hosts.
MD5:
1bbf6f238091f3f99f08a0b937993d85

SHA-1:
e09943376b6f8579ae272fa309cd35fee0d264be

SHA-256:
b753e4a9dddc17f4d7672586652ad0251700590cc02269810fb0170df2cfa109

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
9/21/2024 2:18:26 AM UTC  (today)

File size:
155.8 KB (159,504 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\winguggle23.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3072:EkO2I2hixidIzv7eGT0IMvf9IbggFN9RTLKbN6j0JvMz73aUH:TZI2hixiiqO/U6bggFXRfKbIKO7Kg

Entry point:
50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, 1D, 5F, 4D, 3E, 23, 39, B6, 91, 9F, 35, 02, 00, 00, E2, 05, 00, 0D, 00, 00, 00, 57, 69, 6E, 47, 75, 67, 67, 6C, 65, 2E, 65, 78, 65, EC, 9C, 7B, 70, 54, D7, 7D, C7, CF, AE, 96, 5D, 3D, 11, 7A, AD, 10, AF, 7B, 79, 08, 16, BD, 10, 02, 8B, 87, 04, 16, 20, 5E, 92, 10, 02, 64, C0, 40, 08, 08, 81, 0D, C6, 5A, F9, AE, B0, 15, 1E, B2, 90, 31, 26, 0E, C6, 36, 21, 24, C6, D8, B1, B1, 43, 81, 3A, 98, B8, A9, 8B, A9, 52, 3B, 4D, 3A, 4E, D2, 66, C6, AF, B8, B5, 9D, 21, 9E, E6, D1...
 
[+]

The file winguggle23.exe has been seen being distributed by the following 2 URLs.

https://24f063c2-a-62cb3a1a-s-sites.googlegroups.com/site/winbubbles/.../WinGuggle23.zip?attachauth=ANoY7cqnAjOO2cI9tp_odVKC5Tfc-akkOgfy5qDD1TLWKHZQWMDi9ej6k_USFHMRRCJKABzUotO0ZPNBEPKuznbCQ5N0jrSUqpAqnEtLd_JwOyQAhhs7oC1UufUrIYejVI8xm9WO-yG0p9hCosN5R_W-ypUffupqHNdPqJHZDiuzDVofUwGKHntD7trRcKIAmGfpdvNboTc4eSeZY9w8ht8aXiaue2UX859IkyB_gH1e-2Dd71gKYZk=&attredirects=0

http://www.plikus.pl/pobierz,kuo.html

Scan winguggle23.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.