» mgd35.exe
Overview
Analysis
File Details
Downloads (14)

mgd35.exe

Gestión MGD

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

mgd35.exe

Product:

Gestión MGD

Description:

Gestión MGD Setup

MD5:

7138dbab70b709673cb8a8069341cb87

SHA-1:

06561a6f89e9df76564ce33217b379aa137e35ed

SHA-256:

2fd60af97b21b11e91f2d98c8371377518c03795e72f498157f2c52c2ccc0136

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/15/2024 5:27:06 PM UTC (today)

Scan engine

Detection

Engine version

ViRobot

Trojan.Win32.A.Badur.8179008[h]

2014.3.20.0

File size:

7.8 MB (8,179,008 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Common path:

C:\users\felip\mgd35.exe

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:Hg8c4Ww3J7TbUyrbUEY1Hwa3K1biadHVCWajIxO:Hg8LWI9bzrgEY1v8bpXhajII

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file mgd35.exe has been seen being distributed by the following 14 URLs.

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1425537158&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=I1QKBv83CLUZGnFwPw9bOd~dZrMDC99j4YHWfavhlq-HJqSCbqyqbai8jlJolGkkbgZ-2H4Gp926f12ZPws-ytSwDaTe1bIpoawusVcByYa2PO1UgsoR3hSFJTFBZy6ZOc4OAgS8VCONnVsyMvUgUOlM0y79r4NQ~BP2gsSd6Gw_&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1432335808&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=cQMPNZkbWZhTZroiXY3c1D9YSCkLCRBa4KtHuAmvlKkQLTGagzNfe9ZKkbQ6vw6QCk7kr7bQg7Tv~yClDfsVqzlDr8CgDOMVXWvt-~~y-xZlYV9KDdS9TVqLlGxaA0hHzQ5RCO2PDo72MySXTeKj7Q5yagib~PlUiad3WLoADR4_&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1425714499&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=TKa2VootN9WQnAUBFUn9FiFpz3vn2HBKjGDnrjhIJYxPI~fWkTtn23ScRWaABuxuehf6yZ3P5CumvyGVjkfDA4N6kJ~Ood-RLrp0-PBFpJ8gjnoBAuob2IOpPeTtIqKd3Bkl33rC62iFEEOp0jl1bojIDmYjIxkCEon1QXIBJ7g_&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1480320654&Signature=M6WWQYlfEFt7Svjz4lEXaolGEIhTeCgQcdoFSPtXHq4X-WLRrIYquTgTa-DvxtOSb7B1GhJCOblyBAoOgCM17rBKXYIhAi0u~fAl6vL4K6-sUfcmQt5Qomj~vJboY2c35ozePMiu11~Ito2a3D882yYIUzWd5Vt40ZDVClpOIp8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1475811254&Signature=C4GiXVEkL5Mo~d0PidbGuyRfudeFx9Ub0qcb-KPBVcEpqwjiuwvPqXFRyXkbCM2zhoUMGye8Tz558SlKRZaEDk1IEaLLGp-~GyeMDfUX8~pHlffnfVRn5CqDFarGJVoSi8d-cHwsaHjoZtyO56GoRBiULiALd5XjzjmtvBjcRGw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1456984793&Signature=HHfWu2ywK7947DEHGWZIbhnKsXNECR~Z8Uhf~FzN51vaJ7Iy8bgCOsmFyNlOj0XkEbtH2Deswh7H2jKvpuYeRIcPsiZe-1PBGdA-1rCpMSEsVlGEjIKg6JBREG1D-EyyGCncjuLbuGao36ttDuDpAxFTlNG3kwq4~iu709NRPqw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1456446934&Signature=OMll8-L3D8Q178wrqtfFqlVeySQUPe1-oz3cskdlHlx3OWHN2X~tEHFIwdT52fnKt75jPx-rbachil1V4SdTSeBLVNvQZYyQnnYE8ARDySYC4tJhANm5F3pbb5n12V0TJcd~1yHKkMcDkbVKop7GpYY1y~QNgQYIGNE79mmpXpw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1460782126&Signature=hfpMxf8WFp8OX02rSjEe1n1bJvSMFJAaU7ipcS8dx2imxSR0CKalUBZAYIfJopu5yXosyK8ODqK9c3YmRjMCiFAi1Cl5AQhSfZJLplsFieSluK3sIB9~mzmVzpdW5ctU0Gfhk4u0bEKNWflNUFCb1YN2-1w2tbz-lJVsjBfh6gQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1458421533&Signature=hoPj1vJ3LwvC9P2MfrnB~5SWbNve963DdW5~E8ccG4z64orFME1XGDy1pvT6rAnTH-9EgVp7agx6we60Gmgk47rrgeR2f2IQwzHEOw86lOcbLngkjQ8eI3QPHcY2ZEAcAiJfqO8yL0sFFkmWhrHO6n6885JDx5RHU~nQSQhhvHw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1432627201&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Oozpia8ZduOgJtx14jgsy61iaB0vnSSGseulpIKBIjBecsib4Lz-VcdKaLoUoGd8gpgfxuyFT~~op~gj3MEgskr3UbYrgWg3v7iyIn0MhUO7qB95My80jsuVPmJBl3OUWqg4lADp~GmZ5vdxlQnCQKZBNLlaJXDrjHux0bt5EEE_&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1459733464&Signature=e0LR5dKSs3rajg3LJE-CEPxSl0SnVFhuS1tjf3Uwvgiso8gxHnLN2bfOVLBXfx7zn~dHX-BkPi13K80a6MDlwDzhtypT6Kt9H~xlGVJjZk41y4LSuZVxL-qasWUNcrLoat14sPQ~xIL9DnPQqYqlxflyR40YwN4~pXM47Ap5-7Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1432953996&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=egQKQVpIQHJqmjvgozGwpL9f6oiTkkY9QdyHZ6k1zCac0PAmpaDSlGA1R4z5QKuzoTZzWLqK8JcTxzVbfCpBk98PB6BtiZsMWJj7AxGjMAyio2IoFPd3Zj0CMZL48Jh2O4aGRhsh00MT5n2aRiIQR1BXm3p7LX5HnBCGwbaNwqs_&filename=mgd35.exe

http://gsf-cf.softonic.com/065/61a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44865&instance=softonic_es&type=PROGRAM&Expires=1423247965&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=J-Fb0NBCc5Ycpu7wgyyl-iNXJyjVdPcZqlBpRHYwZMZ8u8qPYCEbrNKgLqPpynliUey8R2so2Dg-Z45dqmol~Wyqh1nJn-pJABx2sFzxkSNy4~7U71XtLl6VpVcJ2b9BNzzPstE9wE7Lv-uWcbG1-~OGf1FUdqJjIAVUicxZjJ4_&filename=mgd35.exe

http://ciberconta.unizar.es/leccion/gestionmgd/.../mgd35.exe

Scan mgd35.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.