archive_file230162.exe

GetGo Download Manager

GetGo Software Ltd.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
GetGo Software Ltd.  (signed and verified)

Product:
GetGo Download Manager

Description:
GetGo Download Manager Installer

Version:
5.3.0.2712

MD5:
b26d82eadef93531f8beafac6105ef13

SHA-1:
a3408717b0ac889e10f718fa685d21223b788e93

SHA-256:
e2e39996a0c50efb55a21eb4a5e3dedfdd5fe6ab4625564bf8251f42fac679e2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 4:26:25 PM UTC  (today)

File size:
3.7 MB (3,875,576 bytes)

Product version:
5.3.0.2712

Copyright:
Copyright(c) 2004 - 2016 GetGo Software Ltd.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\archive_file230162.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/23/2015 2:00:00 AM

Valid to:
1/23/2018 1:59:59 AM

Subject:
CN=GetGo Software Ltd., O=GetGo Software Ltd., STREET=1840 Knutsford Place, L=Victoria, S=BC, PostalCode=V8N 6E4, C=CA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5C0E4AB077C1D8AE5F59818AD3B213E1

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:mBNSpuco8+kdzZdsYp5f/XNgv8v04cILRwD/9J+SLlIfv:Lu2+UZ2K/XK8c6eJ+K2n

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file archive_file230162.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/643/2ea/.../file?SD_used=0&channel=WEB&fdh=no&id_file=35896&instance=softonic_en&type=PROGRAM&Expires=1461317411&Signature=a1XNemXlaaI-VPJ6slnJrjtDhQFZ7-KAmokOeTv89Asv8bfNTZZQPq0QLoLrV4eanBMpfS1j-mJyaCnQCBBvwTswHrVQUcHrWblBOK4f6RhAzNoAPzWNADGnhchX-JC07ZKrTADuJrzZDlOP~jmObNOARqNmj-qremnQ3Uz0EHk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cmr2005-demo-installer.exe

http://www.advanpromo.com/cr?b=292920&p=20667&ch=&cps=&c=12978&l=PH&h=c63e094c40288c3e985faff9f1fa60c1&t=1465898034018&tz=8.0&sh=900.0&sw=1440.0&u=http://www.getgosoft.com/.../GetGoDMSetup.exe

http://www.filehorse.com/download/file/.../

http://96792daaf8300d6995db6062.filasthroughly.ru/.../?f=YTo3OntzOjc6InNpdGVfaWQiO3M6NDoiMjgzMyI7czo4OiJmaWxlX3VybCI7czo0NzoiaHR0cDovL2Rvd25sb2Fkcy5nZXRnb3NvZnQuY29tL0dldEdvRE1TZXR1cC5leGUiO3M6OToiZmlsZV9uYW1lIjtzOjE4OiJDYWVzYXIgSVYgR2FtZS5leGUiO3M6OToiZmlsZV90eXBlIjtzOjc6ImFyY2hpdmUiO3M6OToiZmlsZV9zaXplIjtzOjc6IjM3MDAwMDAiO3M6NjoicmFuZG9tIjtpOjI3NzcwNDtzOjQ6InRpbWUiO2k6MTQ2MzY1MzQ1MTt9&utm_source=1054396.4445.4.NL.1&utm_medium=default&utm_campaign=default&returnMode=deny

http://indir.gezginler.net/i/13013/.../

http://a.tuviviet.net/v2106xm/2/.../getgo-download-manager-5302712.exe

&onid=2071&oid=3001-2071_4-10277023&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14499799&mfgid=6254212&merid=6254212&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=953d12d43e466a95eec36e52&viewguid=g1U9Jiwu-vgzkWaIsajUgQsOqqP@n8x-DxGc&destUrl=http://files.downloadnow.com/s/software/14/49/97/.../GetGoDMSetup.exe

http://8cc7650aff8ad78ec3271742.filasthroughery.ru/.../?f=YTo3OntzOjc6InNpdGVfaWQiO3M6NDoiMjgzMyI7czo4OiJmaWxlX3VybCI7czo0NzoiaHR0cDovL2Rvd25sb2Fkcy5nZXRnb3NvZnQuY29tL0dldEdvRE1TZXR1cC5leGUiO3M6OToiZmlsZV9uYW1lIjtzOjUzOiJNaWNyb3NvZnQgT2ZmaWNlIDM2NSBQcm9kdWN0IGtleSAgIENyYWNrIFVwZGF0ZWQgLmV4ZSI7czo5OiJmaWxlX3R5cGUiO3M6NzoiYXJjaGl2ZSI7czo5OiJmaWxlX3NpemUiO3M6NzoiMzcwMDAwMCI7czo2OiJyYW5kb20iO2k6OTc0NDc7czo0OiJ0aW1lIjtpOjE0NjQyMTE5Nzg7fQ,,&utm_source=1057912.4445.4.BR.1&utm_medium=default&utm_campaign=default&returnMode=deny

&onid=2071&oid=3001-2071_4-10277023&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14499799&mfgid=6254212&merid=6254212&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=5bd2b682a9269de323a5807b&viewguid=gKQ89s-K3EP8a7HVzmCuCsIiAtNda9a-0GtE&destUrl=http://files.downloadnow.com/s/software/14/49/97/.../GetGoDMSetup.exe

http://a4b09a3e4bca34647f916fdf.storefasterify.ru/.../?f=YTo3OntzOjc6InNpdGVfaWQiO3M6NDoiMjgzMyI7czo4OiJmaWxlX3VybCI7czo0NzoiaHR0cDovL2Rvd25sb2Fkcy5nZXRnb3NvZnQuY29tL0dldEdvRE1TZXR1cC5leGUiO3M6OToiZmlsZV9uYW1lIjtzOjQxOiJjaXZpbCBkZXNpZ25lciBzb2Z0d2FyZSBmcmVlIGRvd25sb2FkLmV4ZSI7czo5OiJmaWxlX3R5cGUiO3M6NzoiYXJjaGl2ZSI7czo5OiJmaWxlX3NpemUiO3M6NzoiMzcwMDAwMCI7czo2OiJyYW5kb20iO2k6NzM1OTQ2O3M6NDoidGltZSI7aToxNDY0OTEwNTUwO30,&utm_source=1055272.4445.4.NG.1&utm_medium=default&utm_campaign=default&returnMode=deny

http://113.171.224.211/.../GetGoDMSetup.exe

http://www-searching.com/?s=G5Izamobl2140AP,acdaab13-279a-4f3a-afb7-ba77dc425955,&prd=smw&vp=ch&prd=smw_vp&UUU=http://.../GetGoDMSetup.exe

https://wi.prd-1.delivery.autodesk.com/webinstall3/webInstallerService/.../form

http://dw6.uptodown.com/dwn/KOYRuig5rUUtBfHWbbsugkFZSKZlPIju0S9QcqGzP9BB9TdF5cs5Zx1VJS94pCBCGbZrygY9lucxH5Q1ty1g48O0ch4pyq6mT0fqrD89D_wNZAnb-hVx0BRVpSFQuGGV/jkXREu4HswC6G9fdKdo9Aw54liNr4phrIZcW-mMA3qKNzxtMEQPkK4C9YFTY9z2RapycNqHhELsoqqvvDdUfjMkvqbcuUgkdUtYF3YyY611eWX0nwhvxSyWpu4h5wWHB/JCGbcoI_F1poF9nWfbmtbQMKUS11Sd7-4DNRPaE93vIrjtf0-FmHZK5iqIuPHuorC5Y2TL4CIQbyb1G2elQFQEOqW_ntobaj8T9FSM0YN4KO2Oh3rXy6HTJQjb_ukep4/.../getgo-download-manager5-3-0-2712.exe

&onid=2071&oid=3001-2071_4-10277023&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14499799&mfgid=6254212&merid=6254212&ctype=dm&cval=NONE&devicetype=desktop&pguid=72f806342db7711dfb0897d7&viewguid=etz5zXz2eecGfmNSuph9@VrVwFDSOt4v1yxv&destUrl=http://files.downloadnow.com/s/software/14/49/97/.../GetGoDMSetup.exe

http://20786b32b902d0b52f4e024b.appsniceloads.ru/.../?f=YTo3OntzOjc6InNpdGVfaWQiO3M6NDoiMjgzMyI7czo4OiJmaWxlX3VybCI7czo0NzoiaHR0cDovL2Rvd25sb2Fkcy5nZXRnb3NvZnQuY29tL0dldEdvRE1TZXR1cC5leGUiO3M6OToiZmlsZV9uYW1lIjtzOjIzOiJadW1hJ3MgUmV2ZW5nZSBHYW1lLmV4ZSI7czo5OiJmaWxlX3R5cGUiO3M6NzoiYXJjaGl2ZSI7czo5OiJmaWxlX3NpemUiO3M6NzoiMzcwMDAwMCI7czo2OiJyYW5kb20iO2k6NTczODY2O3M6NDoidGltZSI7aToxNDYxNTM1NTUxO30,&utm_source=1054396.4445.4.SL.1&utm_medium=default&utm_campaign=default&returnMode=deny

http://www.advanpromo.com/cr?b=292921&p=20667&ch=&cps=&c=12978&l=TH&h=f72bd3c35eea1dc447f9d089b1bb6dc7&t=1465905674844&tz=7.0&sh=768.0&sw=1366.0&u=http://www.getgosoft.com/.../GetGoDMSetup.exe

https://dw.uptodown.com/dwn/p29pWjJZyHFo273v1mvaYM9MCALsA5EPjbEJlUfQC7w4heB7YOZuXrv25gOpsz4CKHWZp3V1q-vcwdXSe4vlfAMIeNKyBdXvQ0YI1VJ6gPXwkgKhh4wTrRJQC6tueLe6/y8xQJk5eXmsBi78PO249pGBMAs7ptwHvn3MaeTODsorOMrClOsjTLvtoG6le_x8QHwlrg7Lcp7TpXirB_AnUTqu7Lac5liwlSNLK9Wyim2sEGh1C-r3O8JPJbAvI__nV/Bz3vVtLPt9bciQGXPxYXuqOZQUiVvIeudxyf2fWmBGUdB_OeczcwFICh4fZIFcfmfxXZEti0V-uQHO98xEa_w-qxWRn4_QpjrtGNkX0KpEWe8q8NJo0SyrkNhk8NVXGu/.../

http://bef6e906bc22e967597ff571.storefasterily.ru/.../?f=YTo3OntzOjc6InNpdGVfaWQiO3M6NDoiMjgzMyI7czo4OiJmaWxlX3VybCI7czo0NzoiaHR0cDovL2Rvd25sb2Fkcy5nZXRnb3NvZnQuY29tL0dldEdvRE1TZXR1cC5leGUiO3M6OToiZmlsZV9uYW1lIjtzOjI0OiJHVEEgU2FuIEFuZHJlYXMgR2FtZS5leGUiO3M6OToiZmlsZV90eXBlIjtzOjc6ImFyY2hpdmUiO3M6OToiZmlsZV9zaXplIjtzOjc6IjM3MDAwMDAiO3M6NjoicmFuZG9tIjtpOjgyMjAxO3M6NDoidGltZSI7aToxNDY0ODg5NzU4O30,&utm_source=1054396.4445.4.O1.1&utm_medium=default&utm_campaign=default&returnMode=deny

http://dw.uptodown.com/dwn/LO8pehYtS8wQopPwrHecehYXT45v_cCpa-rcPSnmDzOQRsp43igYNRYZrsX9rRl0HYSz4KZO9Lsldnc5ZB2ZfmJ_05DyNSs_P-nyi_I6Gp-wU01po1hyDtRT7suCRwp_/6aFhXVoeYMviSe7YULLm4qeQNmvF09AQoC5stlGO-EWDpBpVB9aFMJvdaPrB2EQWbv-dSqHKLSMr6573vEjHOEElTF26CNo8jFAU9pNPDhoAtN0bW01fZxlQj2HxijSh/jUDTsSufxwJVG6MAs0rXsKScKI3p0nWylv3_kgnhvjs37cE08k2Bh3iIKdn9hsPzs2FXhL4eS70BzK82DtteRjA-lQTa_p10XlH4gU50pREdqGT4s9Hy3-ErmgkSLhWt/.../

http://2381e486f1a813d288c2a0c4.appsonlyloads.ru/.../?f=YTo3OntzOjc6InNpdGVfaWQiO3M6NDoiMjgzMyI7czo4OiJmaWxlX3VybCI7czo0NzoiaHR0cDovL2Rvd25sb2Fkcy5nZXRnb3NvZnQuY29tL0dldEdvRE1TZXR1cC5leGUiO3M6OToiZmlsZV9uYW1lIjtzOjQxOiJkb3dubG9hZCBnYW1lIHJlc2lkZW50IGV2aWwgNCBmb3IgcHNwLmV4ZSI7czo5OiJmaWxlX3R5cGUiO3M6NzoiYXJjaGl2ZSI7czo5OiJmaWxlX3NpemUiO3M6NzoiMzcwMDAwMCI7czo2OiJyYW5kb20iO2k6NzAyNTAwO3M6NDoidGltZSI7aToxNDYxMDUzMjMwO30,&utm_source=1055203.4445.4.SA.2&utm_medium=default&utm_campaign=default&returnMode=deny

&onid=2071&oid=3001-2071_4-10277023&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/dl-managers&topicbrcrm=&pid=14499799&mfgid=6254212&merid=6254212&ctype=dm&cval=NONE&devicetype=desktop&pguid=bce6735be788be4efcb53650&viewguid=d5fvVPwbl-Tcaju3CdDBUfgLobrRhFYXgeI3&destUrl=http://files.downloadnow.com/s/software/14/49/97/.../GetGoDMSetup.exe

Latest 30 of 72 download URLs

Scan archive_file230162.exe - Powered by Reason Core Security