» openfm_setup.exe
Overview
Analysis
File Details
Downloads (50)

openfm_setup.exe

GG Network S.A.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

openfm_setup.exe

Publisher:

GG Network S.A. (signed and verified)

MD5:

297316c890fdf2852c7a43c5de30bb93

SHA-1:

2ece2d4066211e7cde1292052df259f681724d0a

SHA-256:

aaf475db091b68058c6aa2ee30ea33b2c3aeea5e7f64d8148b3342bba8312cfd

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

12/26/2024 7:43:51 PM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

TROJ_GEN.F47V1127

7.2.212

File size:

18.6 MB (19,506,928 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\caly syf\other\openfm_setup.exe

Digital Signature

Signed by:

GG Network S.A.

Authority:

Thawte, Inc.

Valid from:

3/7/2012 1:00:00 AM

Valid to:

3/8/2014 12:59:59 AM

Subject:

CN=GG Network S.A., O=GG Network S.A., L=Warsaw, S=Warsaw, C=PL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

1E4A8091705C037FB9B7D67698682916

File PE Metadata

Compilation timestamp:

4/10/2010 2:19:31 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

393216:qKBV6Fdcr78v2oxadGrcOfw+ReghRzWCAMx1U0GJFaG0K1ONht7bACopgy+gKfax:qK6jVv2FdGVfwWRzskU7B/4ntHlo8IP

Entry address:

0x354B

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

25 KB (25,600 bytes)

The file openfm_setup.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1476036582&Signature=XRoJItMdXviTTUKVNxruKVZM-6Gg149BKymgzThdqBJBPY~TZ697UWNzSz21dUKwrb1hLt~o-OxnimLfCjYKVEuwaVYKQ7XrEK-RoluMOtMNFDwG7PSIdq0Ep5NhXmuuZH6xHmTWRYrkCg9A-KoHOVsWwPhSUSDFV9UJq7Slt7I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1487447149&Signature=Z2mmiG4msjwtbaH87ai4bKWupIggKnhtTb-B75HAgm0YHIhb934YuEtCo0ixZf978R-h6-bC8Uz4~WE5mQua95MuHwoYvBcZ4Mm2oE9abPHC4lagT~-3M0r9bGS1wZ5Sed7QmxQBjDp~5udzMsB5zd6u9W2I2OrOWwJWAKRPxyI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1476152755&Signature=JCwTxri0N9QQ1vT9UGyl9wS6VjB2D0UuU~89kLrxtHP68WXWNOON542nnr1l9NVrUJCb~9eOyZwqRdqR3krU~8RDPZ8B2dBbfPBY9Fi-dSQ7XkwD2EOpw4cLNNild1ywQ5CcxqJCzY4DbPj08i7avpzOP9TwE4~013NmAS~162s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1478320886&Signature=Krvpq1kauMnvDGXOgSi3z3LexNNMjyxqfWG1XaL-x7dEkz2HJTFLaRf~jKyIq87BML35WyLJCThO5hJBISFc6SuEdcxw-uhnXFdfHDUF0xlXNPotlYL7PJTUlUpshgQaL71v7eWRD8-9boW5E0jtuG9wkDtS5or1zbVori9-z78_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1440026738&Signature=iJlSxxne6yyUG2rRIFW3hrVJCcbGTqBFv8~n8nbARVryNB2wlFz97Dzcj0ByPdMiwFFj-WnSJd~JuA6mq3oTeBt6A-sJT4WgNfZFdMIHjGyqSGtntq6T~WiyQgvyuei6-irw4GsEFsVXlSKdr2OqJ9RNhqIjDEjU6E-IGy-CCkc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1476727609&Signature=hFZTI5FhbtIqZxVKffkabbZup3pC8hT7u3~X7T5gQVkM1TR3NF63JAi3QAOaWhJFIEHDD3NgUZoZejGjh9jSa0WiOToFhI3nLET5aiF~8Qdfbt2W8P6qMXsXBGyV6k7I3m9TGxklLXIGb0bsD8gEhlEq-8bw99Nv0PE-ZDo5hqg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1478401063&Signature=cYKDMYEAMiM7EvLSJJ8z32AC4Rskg9UzB6QUt~955yWslhxA7OmDJKq61JXE49h4FP1bYu5MsmwMFRQfCF9GruaaHyYj2etY2HS4zHKz8kjVc9KTDShKWv~TguZfqiMOeRFyVMsjIZCD1nFpAFemzHXdiob7CYFWc8MbSiSIUNI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1442296440&Signature=CyFqT0eV1l8A2pXylBTnBlZeNLP33hKVyLtW8ZJLNsNTpqflW2XgXp9DaChJIG8bKCxkYuzbXXOG2YqapXQjmJxMXRZg7976MTqG~Ffyaj~SQbuoDA-J5UBzEKKg5gD2YpM-9jruTim5d7jO8wj7xisltyl-f-gUihD8fz0wSQc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1477031278&Signature=QL8udDtfYU61RM6~j-di4PISusF8oa5jze58r1-UodGvfSbm-bTDAfj5y0fxBkrI1XO-UeBXZopscFrQuJPDL6YbOjpm65adOByaj9mIn1ETZ9GvfFmQZDjuByqoQWaul1DLB6~sM869bmFODFNpPgyYlrzAqQ2XotOrEYqQJUU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1435953205&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=MOvGTRTmNmPnrFSmPCd2n3QK58cSyYlcfW2~ZTtlM1QwMf49CeQk0j-bgL5Z6PZms0VbZnUD0qkuW6bPq7p09umc0HQZrx4pA9cgwZwqMFZx5naz15OBNNVtwFGW9Nb4r2vCWKJqHG-pFZ15opfuNuanW-i7RD52dQ6yrtIry9I_&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1445319190&Signature=BJxQWwOgpSB4gmM4nUgrz4HPsDjsZnjdrFheKIL3VZHfrDWnNl2LiSRYXjdADnBScUVe0uqGuMtcSpoJiNCU2ymt3GNxQFgS4xkbD~HjadJ~ONN6WaN7Hm~J9Znn60wZqS8ZGrFTkCyUe-jTjVH-m8K5lA2MIBMkRGzE451Hn3Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1440634686&Signature=K-7giUy1imz7RwNIFTnuEwz0Xt~wglPiFjNZGHzeZQghSktViJi2hGUzQ-EmhnS1UcxCrJ9Lnqn-ywrDd8YnJUWkcMrgIoNi~eSnef3Z-2jbiMGPM1y5PUJsCrSJTzvknkGjH0MKrNtak~y1Lh6EuTsvRIL1qgVZG~7Da5hjI6I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1460229697&Signature=Le3ZQmxqbdpPw5zu0lR5g0TkIsGCGge9RhEtGRzhOng1HHKAOjafX28zJINjBi2Oe~yuup6oXOy2tLKP1JH31yJOpCke7lyAWGeFDh-3xVTNrUhBcL~HnfuVpdoA4qZjizyhg2ZRGSlcSYxwif9aFIPrc0li3sa5xt3bUJm4TFc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

temp:openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1433889297&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Zy8cKJojXaug-fCO9LwwVzDki6FqVHA-zfn2lXNLZtkPMealc~OzEreLIRmI8Gi3O3v5RE924tp4tCIrxZ2nrGMFLfjwSTE-I~KdFa3vj671C6xVbzPvXxT7ou6~FnFtr35sFy8FnGFfJfqPEWMAjWmxSIZn-czbAx0xoOv2ahM_&filename=openfm_setup.exe

http://open.fm/.../

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1433359480&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=C~FMQWy3SyyIBLg-uxr~PjcnyCUxez-zJOx02cs14o2uJaDP7~G7AlaneGHuHB3r63E7gU2FPJcvUqg2smOiHdYIw8XJ9oBOxeHQjg0WqEslJW-1Zy~uR0rsk~6tSq-LN4Ma1erL97QXywdXGNiurdzNfIKAmEfEBUDdNqh3-Ac_&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1444893460&Signature=MezgmQrcUQdMxnJ8O7aIGgavcKmbax24MYDKYczQgwCLK-Of3KEW531ggnr0jUsTwdzcq58WJsdaXqpxXc-7QTq9JtI0n-WI0Fffss9-eXGgLb3wxmoB2yA0NfVjn8PpF09z54pRydpQzfWPZtGbhucosphXfm~wnP2i1-29hkg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1457082401&Signature=REAX~gJdcxmJe2~P3cIzMnfC4Ojx4tCJhR-k5bfLdiJW-4puFCusPgPq5cy99KnBN6jp7jr5fCXJp-l-7bQZGWhdT47WlZYGpdO6DWj6pqv9FTE3A~u6rMqIKLyuXlvPdRbi7BrpQHCpWIYTF1m6CHZ-HjxKHzYP2Z0WteTXuhQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1456967418&Signature=EL-SEu-Ts0NzRTD44iMsRPejdLLwJ9pY2y7y~rLP0gjzEr~uStn-XeZ7MmLEw22fUEXNN9fqgOIsBEBva8R7Z2QA5fa6lQYhCTeOMgwv5~A6SvRP8d0EBFtYgyTT8Yuw0IRRkQrkAoG-qzb9HtkW9u1wZ-6sqR-tNCNATIfx9vQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1460933839&Signature=Xb40PkQQIowtcKUv6i4x6JI~I5ewik17paptbYnTYC7uv~k~0KHJkXktj8c41bc6vv3eXYHo23KuQcV6ZDh0gCs9cGIWIQgtdDDk0GrIkgmkMX8L3ohd6Vt2kbTj3wa3sZAF4KljiMqRPolruKGVnTN7o9q7QkRdAtBhaVgoi2Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1457830720&Signature=A5VHNQ86mia5qf8m7C7RgxNccc--3TYDqqEawdLUF3oxbdWYX3vxUPtrId7auMfUTMUwO9wiN9QflPMQqV6ofr4h-pVdCocUc5eATXyog-3NXstgh34l6ZvR7bUuTfO3GExb~7zxMhX5fcG~Zppc-YX6TJc2BES26C1bgxy9l5Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1435541798&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=X7HYM8oYJebpD6~cBmzIY-5z6e33Z4VlL-n7hUM59TAUyMUpvHqvn~kTQJBxmRth-i-psdeOX0LijUQBrQ84AnDxZuMYlPBZ36tpgyMxv2hDVvMxrgxgojbcFa1mFLr9Rz0hXEkX13JrfPtrbI~KUEYeX7iAdPJDlf9JGoZh~sI_&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1454042232&Signature=BqfLkeYFdSzA00yfriE6QeUWI5l9e~whxIiw1HuIqJSIqPlYfjmKMGUB96~m1kCaa-gmcB6UcHyahcYRQcxzgmlmquF4WijSiZfqtaQCGQQ9QgSTdaLU8GOyfDay41JH01gIyBxFrjlEMU6KhE0WjxHnqmFR8d6FB3vvW3ScmGk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1437831208&Signature=IWEPs1qu9TQ7RckKHMhpptHtAbhEWTD8~sAXfes3E9ryqmW8fdEloS0Rqqvv9l8YAwhYGxQ7rNWyhvCY06TL-ZzIUXokr66X0Tm2RjF8Iib4HNX85dI9Lf2vKQJavkhIlrRWcCdszaGT0DXbmdbjjuK~91wubYXZVWHRpqsPzyY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1430356495&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=OJt69Zj28r6pyvL6J0izNTfRCEQ2wPYTIQci5ExeDZWs3HZ8engpv~0NBmuMQqEtqrspTC-J-aG01vumS~pAQeeTA2FPC-EBTobpBrzmoscZ1pThTIlCsf5Q1NODQTRmGVKRguiz67cYceTjl2f4Kx8QtgW1BLUgOTIwQ1eW45c_&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1445221948&Signature=ipEItkw5Om1KVzwuz6PnTEUjVtHSOSbYRF3i~HO0dG80M5cCu1MWWiQ1vz8vz7wNgduWCTjfvFI33VtnQ0kCv3qR~M7VCMp0Ha59pkH5vfMyvsUnR-vvQH5XzaZlb2zMq9gz8lX5HsA8KV6waOLz-2qjkUEmEsgOqayyq1CVGvQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1430501050&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=TBH20Lm6vwhg7fV9PdsyhktbkUUaJgIF4yIYxxDU9~bShc73XDYDnS63XIi37GZdMu9lJw9m9bD0UN3h-ZsdVOJJDJTXoATReqp~ZIcxdUiDHT6NBSQyj5g6rV3bCXM6aUE4FwvgAOJRiKwnZIN570VkM1NWvCqaW5bd-Ua42Ic_&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1431561612&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Zzn0LoywPvkWfLh-2OT7ets2RXWJ-eK3r0qmf1EoFgRAJku4oG2v3QaZ1~jPFpireqMbnv0~LgJ4M6HuF2oTmeu~InP1wXt5gMWX1wKR7xaADU~67mDA59IvUAblLmBZX2CBUxAP2M2mtmUtjkPQQM4O~gW~ziSVzSTdsVIPyh8_&filename=openfm_setup.exe

http://gsf-cf.softonic.com/2ec/e2d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=130184&instance=softonic_pl&type=PROGRAM&Expires=1453451116&Signature=IAbbt5byCJ49JloixHLSZn-~DHqw3~ebDsYUYUZNLXRkottssu~lB-zXHSMv6U0N67w5nIhOp35PSu-HrsJ~jalAms200Nz2IgD-UA9v7DkK51q8PD1cLqUzl0dLkWzqbL~uLeeuS93krYYpSNN~7OuptfJ9pxp6XxOJxLNjRoE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=openfm_setup.exe

Latest 30 of 50 download URLs

Scan openfm_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.