installgoldwave620.exe

GoldWave Inc.

This is a setup and installation application. The file has been seen being downloaded from www.bytesendclear.com and multiple other hosts.
Publisher:
GoldWave Inc.  (signed and verified)

Description:
Installer program for GoldWave software

Version:
6.1.0.0

MD5:
0781f0abc1d212befc61580c567769b6

SHA-1:
5df0716babcbec51854cf466781b5e4f77401513

SHA-256:
eb5d205a174e80e6a3e5a92adaba7d92ca443f1b3490ae64e78954ea8d61af46

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 12:21:54 PM UTC  (today)

File size:
12.2 MB (12,798,648 bytes)

Product version:
6.1.0.0

Copyright:
Copyright © 2016 GoldWave Inc.

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\installgoldwave620.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/25/2016 6:00:00 PM

Valid to:
2/25/2018 5:59:59 PM

Subject:
CN=GoldWave Inc., O=GoldWave Inc., STREET=2 Third St., STREET=PO Box 21151, L=Mount Pearl, S=Newfoundland, PostalCode=A1N 2A5, C=CA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C120BEF1D673AC26D471A5957DE3A582

File PE Metadata
Compilation timestamp:
3/4/2016 12:13:57 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:l9nZy0JXpK/wxninDDg3mP0fJzxLOBIU82wrx:DZy0JY4WMWsfJzVU82mx

Entry address:
0x11A0

Entry point:
6A, 00, 48, 31, C9, E8, EE, 4D, 08, 00, 48, 89, 05, EF, CE, 08, 00, E8, 7A, F9, 05, 00, E8, E5, 42, 05, 00, E8, 80, F9, 05, 00, 48, 8D, 05, 39, CE, 08, 00, 48, 8D, 0D, C2, 22, 00, 00, 48, 89, 48, 30, 48, 8D, 0D, 27, FE, FF, FF, 48, 89, 08, 48, 8D, 0D, 61, FF, FF, FF, 48, 89, 48, 08, 48, 8D, 0D, 56, FF, FF, FF, 48, 89, 48, 10, 48, 8D, 0D, 9F, FF, FF, FF, 48, 89, 48, 18, 48, 8D, 0D, 6C, B1, 07, 00, 48, 89, 48, 68, 48, 8D, 0D, C1, B6, 07, 00, 48, 89, 48, 70, 48, 8D, 0D, 76, B8, 07, 00, 48, 89, 48, 78, 48, 8D...
 
[+]

Entropy:
7.9571  (probably packed)

Code size:
536 KB (548,864 bytes)

The file installgoldwave620.exe has been seen being distributed by the following 6 URLs.

http://www.bytesendclear.com/R2aF7cq7iTwuldd6ybaRc1x8TSoh9cyb HMTrmX_LRtJfc8IJ0MdxvLq9M0hStSEexrduGRuEPlsuhGNOAlWkyvUGeb sSRi506o5hOzW5nSySHcMe7otzGuhjL_sBf7 1b35 qUcBT74vnktEVocaKzGDIXKXyCej_W18WKyyOl8PRFoEw2bKnrNjdKKNRu1B0PQI2VItFOXDwQUol2HdylEVtnYWTSUHcUUqnnficLdiZfDBd0HpjMZ788Rw8zIAlmFiTs1Zp9mBN3ycMn5dbt6zu_ESh01yktEmSzHceAtM0xLbYBgNggdw5pPsNnrT1jRLWv92r93UeqZgJUrCLSLHWsztolOjSGMA4MAAYDoJEtkbWz7oSlHM j8dlYefqE8Vsm6v_bYRIcgvkhGyrbonSjEsiFFHLDkj0FGn9yPOzPBFi7vhV88HvyBfyB8lBy60hVlh4_2LTXvMUT IyaniLl4AbRILvBG1TOOspClIElegEn0CLEsepucfXgckBAw7rLM0P0xJmdoMvyBtjSnpl aOkjyTLdwBEmwUHK6onJi2pBhRXWJ7P4RN5MkSZWjXhfcivE6rj0AfNu5EFvPUFQw==-GzcAAEQ3F5uKwVDlIT0LjpfzB8EfHHLA_u2RJBYA1tjWgbwxZn3RcAl1i1cqj1Ntn9 dMxqmQvgA-E

Scan installgoldwave620.exe - Powered by Reason Core Security