proxyi.exe

AnalogX, LLC

This is a setup program used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

Publisher:
AnalogX, LLC  (signed and verified)

MD5:
70aebb0369d357b88359ce1e8505179c

SHA-1:
fa3be7978e37eb1395f9ab94199141f7cb1e5392

SHA-256:
ecaca6aa898b507b26b166d97b78f4c7a7b6514b548985bc66e71e8d34a6a9c6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 2:37:42 AM UTC

File size:
392.7 KB (402,120 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
5/21/2009 11:07:58 AM

Valid to:
5/21/2010 9:58:20 AM

Subject:
CN="AnalogX, LLC", O="AnalogX, LLC", L=Tempe, S=AZ, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00AE55A5F80EE0

File PE Metadata
Compilation timestamp:
5/23/2009 6:13:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:xefdDoDLhnowxc2bDvJQT80jp0jQ9p6c789zCRbYj44mIwSUuAPq4sLH+/7f:wRoDLvO2bDSzpd8pCRbYjiIDUuuYiz

Entry address:
0x12357

Entry point:
E8, D7, 71, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, A3, A8, 87, 42, 00, C3, 55, 8D, AC, 24, 58, FD, FF, FF, 81, EC, 28, 03, 00, 00, A1, 48, 58, 42, 00, 33, C5, 89, 85, A4, 02, 00, 00, 56, 89, 85, 88, 00, 00, 00, 89, 8D, 84, 00, 00, 00, 89, 95, 80, 00, 00, 00, 89, 5D, 7C, 89, 75, 78, 89, 7D, 74, 66, 8C, 95, A0, 00, 00, 00, 66, 8C, 8D, 94, 00, 00, 00, 66, 8C, 5D, 70, 66, 8C, 45, 6C, 66, 8C, 65, 68, 66, 8C, 6D, 64, 9C, 8F, 85, 98, 00, 00, 00, 8B, B5, AC, 02, 00, 00, 8D, 85, AC, 02, 00, 00, 89, 85, 9C, 00...
 

Entropy:
7.7047  (probably packed)

Code size:
119.5 KB (122,368 bytes)

The file proxyi.exe has been seen distributed from 25 URLs.
