nymgo-5.3.19.exe

Nymgo

Nymgo S.A.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Nymgo S.A.  (signed and verified)

Product:
Nymgo

Description:
Nymgo 5.3.19 Installer

Version:
5.3.19

MD5:
f1ef0553850a41c75f26e32584e12465

SHA-1:
b0d1d38ae288ec0eae92a5a1155c173cb5b6fdd0

SHA-256:
abd73db3dd71d405a3d16265893ddfa20a8cf2c9ed1530058817fce99bda9c00

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 1:37:29 PM UTC  (today)

File size:
15.6 MB (16,352,632 bytes)

Copyright:
Copyright (C) 2008-2013 Nymgo S.A.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/27/2012 5:30:00 AM

Valid to:
4/28/2014 5:29:59 AM

Subject:
CN=Nymgo S.A., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Nymgo S.A., L=Luxembourg, S=Luxembourg, C=LU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
77CD4E186406191F41E21B781803C098

File PE Metadata
Compilation timestamp:
9/26/2011 6:51:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:lgYpJVbjl6FWTUg4R7unDcn24oYyLQuSup:NpUFWQoyhoYId

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Entropy:
7.9871

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

The file nymgo-5.3.19.exe has been seen being distributed by the following 15 URLs.

http://gsf-cf.softonic.com/b0d/1d3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69671381&instance=softonic_en&type=PROGRAM&Expires=1438392295&Signature=SqNZxSqh-EoOM35NCSnHtJ90vSLar3y6rxkf427moygLPhdoM8nJ27Upm5NG7Pf97OMbPz91CwOwnrGM5z-GH7fFaHkQZCfY7Rhxj9rOBuC~s9ogoWGPbZjZFiW3xU-oYANV6RuxlawmX~Smd2Aa4~jYN9WqMPe8iPtOP4MOaFQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Nymgo-5-3-19.exe

http://gsf-cf.softonic.com/b0d/1d3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69671381&instance=softonic_en&type=PROGRAM&Expires=1478877007&Signature=Kg13c7fa39J-Mxcr4FTolRla~k5GS07SK2KsCNPgDWuQ5VzqCrLM89UJkmDnc8MWqTIaf6raNL89ADRDxBfu2OAbt83d7ft8AapAjTtQeIdvcUrTRoGRoPRe767kLMwanjE6Hw3mT70NL3Pa~mEH73LO80EF2ExfuxNMz-D7HAI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Nymgo-5-3-19.exe

http://gsf-cf.softonic.com/b0d/1d3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69671381&instance=softonic_en&type=PROGRAM&Expires=1440424656&Signature=haaaC0Sr-6Cr3b6KYx0BhM~hobonK2l247qGP8ySsLjg7lvqZFsTXk2UfmgSEA-BDAzUysc2YfQ7Lya16hyzzgOUoH3oonZQv7tMsyMtJRxDOruoTJxKJAoNpFlQD~rabTvpssE81vzA673fmIYedJ4yEWLnPSv0WlN6kGuQbwg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Nymgo-5-3-19.exe

http://gsf-cf.softonic.com/b0d/1d3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69671381&instance=softonic_en&type=PROGRAM&Expires=1477587787&Signature=PWZEMCEjSYCioh2l9A7Tq5x3m-jpT0o6GTsaWii580c20H4vsVDni~HY-x1vsvVgnKZV1B565zFVjVmMLShvUEAiA0~sY7ta7FkSCX355T8T1zwI7RPJGwV1XuXDWo-FOn66vUxA~yeG0ZFixY5P7716xCnyfntq4fXKR3SYIrw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Nymgo-5-3-19.exe

http://gsf-cf.softonic.com/b0d/1d3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69671381&instance=softonic_en&type=PROGRAM&Expires=1478497659&Signature=Z-oRInywzFixh~9bN5DsBY1bfz1AW178GjjgBvW9zsy4X14dgj6E0xFKFLZYq3oDEnEP5q5uCbHcEkwO12GlOrtk31TE9UvxRJewCqwOk4J6KXrPtVNJeymU9LJPPua1NpNEjz8ClUWfqfp0FAIAjJ28sK-Bnv2gEZgcFFLcafg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Nymgo-5-3-19.exe

http://gsf-cf.softonic.com/b0d/1d3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69671381&instance=softonic_en&type=PROGRAM&Expires=1476075698&Signature=Fhk4l7QYu5OUwM11OfVJHt8ao~OJu7Z7KO1XZJ60Us6DIvOlataU1C3CPv21l85ClYCFJKOkwEFMZs0CT0UyxrQtksMPSMLIWfk2JXzHbYVSQqC2EiSZTTdG1gRhxzNbttKu~Tf1l2WQLh~exGgKCjIUVlkkwdr32ZPhKQffgbE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Nymgo-5-3-19.exe

http://gsf-cf.softonic.com/b0d/1d3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69671381&instance=softonic_en&type=PROGRAM&Expires=1444205019&Signature=SNAJ6lmYYX2Xvdb7c~IQgRsBKydJ7NYUh99u~s1DSxPOfW212g3khlYZmHWPtJ1SSLjzgfJhJ3D-ee7Ci7XTyy2jnFLpia3bYy4jkCx701ZLOW8ujF2MZ2CvxKRLz-Om2ggdJkzJER8F-uRW~dId8XFzGTUdeMABTS5U999Ty8Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Nymgo-5-3-19.exe

http://gsf-cf.softonic.com/b0d/1d3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69671381&instance=softonic_en&type=PROGRAM&Expires=1441826086&Signature=BWG~20e~smzNEHR5YtaGsDGrHLRmF8RgMDevS4nZUZnopfmD~omEkkhFzYRMhlpikxLYAcnI09nqhIMm3LyIGYQAzgbIFnYWNpk0HUrPD5eNsy0E59Icw08Kt~N4VX6g6sP0I2zl1GgmHt3bzbMSCGq4lJeJuHgni2vRCBubhcI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Nymgo-5-3-19.exe

Scan nymgo-5.3.19.exe - Powered by Reason Core Security