home

forego.exe

DigiCert Inc

Publisher:
DigiCert Inc  (signed and verified)

MD5:
ace3ece626ad0a51309d6c0268faa8cd

SHA-1:
6547de1771fd13c11501cd6efbba6f5f02f9b1cc

SHA-256:
c39ac528a4708cd3f278c22ea89558bcbb41d6982b0bb5ed863f5a8b24ec7815

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/12/2025 3:01:17 AM UTC  (today)

File size:
7.5 MB (7,815,168 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\forego.exe

Digital Signature
Signed by:
DigiCert Inc

Authority:
DigiCert Inc

Valid from:
11/10/2006 5:00:00 AM

Valid to:
11/10/1931 5:00:00 AM

Subject:
CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Issuer:
CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
02AC5C266A0B409B8F0B79F2AE462577

File PE Metadata
Compilation timestamp:
1/31/2015 3:02:40 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
3.0

CTPH (ssdeep):
49152:zvztEqFcCWYl0X3OlRYb8AH3mZ30H8SdS/B2jRgrDLGoyH0lSUiXgS7NYFidZjYV:PFh8m9BGj69SvuW1rXevqxTM

Entry address:
0x36300

Entry point:
48, 8D, 74, 24, 08, 48, 8B, 3C, 24, B8, 10, 63, 43, 00, FF, E0, B8, 50, 37, 43, 00, FF, E0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 51, 48, 8B, 01, 48, 8B, 71, 10, 48, 8B, 49, 08, 65, 48, 8B, 3C, 25, 30, 00, 00, 00, C7, 47, 68, 00, 00, 00, 00, 48, 81, EC, 80, 00, 00, 00, 83, F9, 04, 7E, 11, 83, F9, 10, 7E, 02, CD, 03, 48, 89, E7, FC, F3, 48, A5, 48, 89, E6, 48, 8B, 0E, 48, 8B, 56, 08, 4C, 8B, 46, 10, 4C, 8B, 4E, 18, FF, D0, 48, 81, C4, 80, 00, 00, 00, 59, 48, 89, 41, 18, 65, 48, 8B, 3C, 25, 30, 00, 00, 00, 8B...
 
[+]

Entropy:
5.3170

Code size:
5.2 MB (5,497,344 bytes)

The file forego.exe has been seen being distributed by the following URL.

https://godist.herokuapp.com/projects/ddollar/forego/releases/current/.../forego.exe

Scan forego.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.