» setup_galaxy_1.1.10.47.exe
Overview
Analysis
File Details
Downloads (11)

setup_galaxy_1.1.10.47.exe

GOG Galaxy

GOG Limited

This is a setup program which is used to install the application. The file has been seen being downloaded from www.bytesendclear.com and multiple other hosts.

File name:

Publisher:

GOG.com (signed by GOG Limited)

Product:

GOG Galaxy

Version:

1.1.10.47

MD5:

87d854819f44c4696deae86716711480

SHA-1:

f34ea23d724d335f31f0bae69640ec63ea000d15

SHA-256:

4063dbc47039bcf153f5dc61a25ebef093ee9e8e54fe2e9178d624d607eeee13

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/26/2024 2:56:33 PM UTC (today)

File size:

134.1 MB (140,619,040 bytes)

Product version:

1.1.10.47

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\setup_galaxy_1.1.10.47.exe

Digital Signature

Signed by:

GOG Limited

Authority:

DigiCert Inc

Valid from:

4/2/2015 2:00:00 AM

Valid to:

6/1/2016 2:00:00 PM

Subject:

CN=GOG Limited, O=GOG Limited, L=Nicosia, C=CY

Issuer:

CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0B84CDECCABF7D06904BFBE923C3CFEA

File PE Metadata

Compilation timestamp:

4/6/2016 4:39:04 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

3145728:Vr3A1iS9w0i4OgqsnHUFWF3zMWLV0X/DeFtiVPvQes708Nr:0ZZi4O3UHIAojX/DfxvT8Nr

Entry address:

0x117DC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 44, 01, 41, 00, E8, C8, 4D, FF, FF, 33, C0, 55, 68, BE, 1E, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 7A, 1E, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 0E, D5, FF, FF, E8, 5D, D0, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 23, D6, FF, FF, 33, C0, E8, 60, 2E, FF, FF, 8D, 55, EC, 33, C0, E8, A6, A0, FF, FF, 8B, 55, EC, B8, 58, 86... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

65 KB (66,560 bytes)

The file setup_galaxy_1.1.10.47.exe has been seen being distributed by the following 11 URLs.

http://www.bytesendclear.com/ns2CLxhQlz8uM6M6nWheHW9hYDmJKPjvnHevgMf1pGezYEebQ0GRkCxJsaGNUYFjyfMcUMPkC3JSK8sZQ2NYN9_nDnPm6VS0oLArLqL283J94vffZ8eHA dYVUnPhQotdYVN7z224o2NAaByzTdKOvvcloUp24n3Zl6WhZInNCTaABHJrggxsb1iINay3IXpoBoOT3HsbomJ9FSwn7c5qfzxvX4i_mNIoMVRYIGN4kDpb0x3eTTBI6poOv160xLZ8Dprjk4Q03hJrXciQnHmFYTxLJpmEC17wsfcHV9phfWH09GABrPTQUixbfP PUY98RvZctN0vFyArWYvIeCZ43oEK6s_wrpRaiG0gPxtN32 Pd 041oGmDY7Nikyi0FYRR Fn_Qcuq jbiEWIZaxdu5bqo9Bak47hp4i6k278TMSTasJmVLStqy_U0puv9eVT4QAQjGkIsbf5EEcfNyhF4mZtD0Bah8eI c9QxLQpznH0JJJkgdM04vc_Z0Iq6TBVHivLE9gXOhgQixBFtBfHu8EYyYrVmmHg46GfDTOnJwpmqLHndj4cHxG4q1M4jz2MWpHT AilJNSpAtO mQDw9 ZAlw6sjRC641TUhFImth7HNzdL8PLujNxTl7ZY6k8h47Y45U4-G2EAAGRxW0z8JeDJQrs6NmAiBw4tTeAC p6wDeSNKarTXaCcKuHROJ5UBZQ9niusZ_orvI7gHmRNLxmgXRXozSyZjah43uaZePIBVkkpGhKfAA==-E

http://www.bytesendclear.com/ohELnFgE30EVMgIq98WQEoG5CBpIIqDuUfbhOBG KlrMgwUvN7gMSwjdpVLviZVcViWy0dO2S1YvyOnwg45gGN6_iWXOQyQ8PqllUevLNvhrcoVx_AAPj2kFC O69BK9pkCKh81WiDmTjWDOQMPY3zKf9IOO1YS0MRARudkctQ2qAPIklt8OsICkqGl6XLUaeuOWwpon2FFwg5nNTFK3tiSyKdudESkR8ueQPuNH3pGVPLhhrga3fFBDQNVhgnGTWD2NXo2cByNXYx643a3rnRCuz3bhEybZcbYSRz3uYnb_YSgfAa9HdZ48kXJsH87CNmf9DDkFpKIlCjdnDLJL4oMZO07UOPXCIkbz0PxBbr2cx3Hmcfsn91eCHC7roiYueYFb_6kG1dbtVdtBKfeZGGRrPJlaZ9LEiD6kdIfp35QlJexTf2a_s5mXrMAux6YCrhWoBIanI9r6TfUVwp82FEW b7gYw_T3i54dH2VS1fWvM2RB6nXxeu9yVgPh_GYfR_R5GmPza7Zg7_yiVO0XF2XsKRjWMYshy5d0jk7_MaAcNKEOIA_NM_Mg247UFW7pbwK1Hvgdx1jYvLii0etUnxb693iraaPa59S4TblaGq2eCKkwBmw=-G2EAAGRxW0z8JeDJQrs6NmAiBw4tTeAC p6wDeSNKarTXaCcKuHROJ5UBZQ9niusZ_orvI7gHmRNLxmgXRXozSyZjah43uaZePIBVkkpGhKfAA==-E

http://www.bytesendclear.com/WVl6OTRQVzh4YVVWc00ydFNRVVlsTWtKeGIzWnJlSFJSUlRWV0pUSkdWRk5IY2pWUVRWWkxZWFJwWm5CM1RXWWxNa0prVUc4bE0wUW1aVDB4Sm1NOVRISlZSelJQV21OeWEwdDVSVUZoYUc5cmVscFZlamMwT1hoaVdWVlBhMlY0TjBrbE1rSTJZMVpyZEd4cVYxTlJiRmg1TTFKRWNGRWxNa1pNTTBaMVExbzFOM00zTlU5SU1VWkNUVU5PWVZwTWNtdzBWRmtsTWtJMU5Fa2xNa1kyWm5ocmVVcDFaRGwzU1VaUmFsVmxSWG8yWjJvbE1rWTNSVFkxUkRCS1pWRnBRM2h0VjB0UFdqTmFlVmxKSlRKQ1RGTnVjVGRKU2paeGJrcElZVmR5UnlVeVFsRWxNMFFsTTBRbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0yRWxNbVlsTW1abWFXeGxjeTFrYjNkdWJHOWhaQzV3YjNKaFpHNXBhMlJ2WjNKNUxuQnNKVEptUjNKNVNWSnZlbko1ZDJ0aEpUSm1RM2xtY205M1lVUjVjM1J5ZVdKMVkycGhSMmxsY2lVeVprZFBSMGRoYkdGNGVTVXlabWR2WjJkaGJHRjRlUzVsZUdVbVpHOTNibXh2WVdSQmN6MUViMjRsTWpkMEsxTjBZWEoyWlM1bGVHVT0=

http://www.signtowntoday.com/WVl6OTRQVk0xVFVwMWJETTFlVTE0SlRKQ05HWmpabGdsTWtKSmVraG1KVEpHY1ZKUlZFTkdWbGNsTWtaQk5sWkdPVWt5YUVGUE5DVXpSQ1pqUFdOdU9EaGxRM0ZCWkV4aVNUVjVXVTVMWm1GcmJIcElZM1oxUXpGblVXbHBTWEJhVDNkd1FURXhlV1Y2U0cxUmJEVnNkbXhFTXlVeVFqaGFURTlVVm1wd2NtOVdKVEpDYWpOd2J6aElTamxMWkZOdGEwbzBhMFpQVWpGVFNVbFpjRzR3Y1UxQlluQXdlbVJpVjJKWUpUSkdKVEpDTVZCblNUWWxNa0pwYnpOcmFFaGlKVEpDZUNVeVJuaHVjR3B3ZEZRbE1rSk9SRVYwT1hwWWNIaENZWFU1Y1dOWVNFRWxNMFFsTTBRbVpUMHhKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5oSlRKbUpUSm1abWxzWlhNdFpHOTNibXh2WVdRdWNHOXlZV1J1YVd0a2IyZHllUzV3YkNVeVprZHllVWxTYjNweWVYZHJZU1V5WmtONVpuSnZkMkZFZVhOMGNubGlkV05xWVVkcFpYSWxNbVpIVDBkSFlXeGhlSGtsTW1abmIyZG5ZV3hoZUhrdVpYaGxKbVJ2ZDI1c2IyRmtRWE05VkdWeWNtRnlhV0V1WlhobA==

http://www.bytesendclear.com/WVl6OTRQV2xYVEhaclVuRk9hMEpGWW10b056VmtTVWhqZVd0dWR6TXlaRTRsTWtJMWRucFNRekJKSlRKQ2NGWTBVVnBSSlRORUptTTlRVkJFTUd0M1VVWktWRVZ2UVhKRU56bGllVXR0YTFod1JXUWxNa0oyVG14dE4ycE5Za2RaWW05RmR6VlVWMlpUZFNVeVFqVnNORVF3YjJ4WmJYUjZVWEJHSlRKQ2FraHBkeVV5UmtocVRtZDFhV0oxSlRKR0pUSkdaMjlYUkRFMFNqZ3hNbTUwVlZGd2VFMU9Namh4V1haQ1FYcFNVekYxYUhWb1JsUnphSFUzUlZOVkpUSkNOVlpQZVRKUU1XUkJRMmxCT1hobU4zTTRkRzlqV2tSWGIwbHVKVEpDWnlVelJDVXpSQ1psUFRFbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0yRWxNbVlsTW1abWFXeGxjeTFrYjNkdWJHOWhaQzV3YjNKaFpHNXBhMlJ2WjNKNUxuQnNKVEptUjNKNVNWSnZlbko1ZDJ0aEpUSm1RM2xtY205M1lVUjVjM1J5ZVdKMVkycGhSMmxsY2lVeVprZFBSMGRoYkdGNGVTVXlabWR2WjJkaGJHRjRlUzVsZUdVbVpHOTNibXh2WVdSQmN6MVhhV1ZrSldNMUpXSmhiV2x1S3pNclJIcHBhMmtyUjI5dUt5MHJVMlZ5WTJFcmVpdExZVzFwWlc1cFlTNWxlR1U9

http://www.bytesendclear.com/WVl6OTRQVVpUVVhaUE5YZExOMGxuUmpacFQyVmtNV051WVhNd2RFMU9jazk2WkdaRE1GSm9WbEpFT0hwQmFtY2xNMFFtWXoxSE1tWnVSVlpOT1hCa2EyVlNhRTlvZVdkTVdqVnNVWEUyUjFJNVJDVXlRbFl5ZWs1cGJreDNNU1V5UW5oTlRtWldWbU5PTWtocWJHaHVRME4wV25oeGN6SjFTVGRvUzFWNGJ6bHhTVWRGYmt0c1FXdEJSRVpxYkVKRVJIVWxNa0kxVkNVeVJuUjZhMk5WYWpOT1RISkVjVGRLTlUxM1FqVjRhbEZhTVRGMlFsTTVlVXhHVTBzMFJYQTBVV05JVGt4M2IzaDZVbkZzTm05TGQyWkZVU1V6UkNVelJDWmxQVEVtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTJFbE1tWWxNbVptYVd4bGN5MWtiM2R1Ykc5aFpDNXdiM0poWkc1cGEyUnZaM0o1TG5Cc0pUSm1SM0o1U1ZKdmVuSjVkMnRoSlRKbVEzbG1jbTkzWVVSNWMzUnllV0oxWTJwaFIybGxjaVV5WmtkUFIwZGhiR0Y0ZVNVeVptZHZaMmRoYkdGNGVTNWxlR1VtWkc5M2JteHZZV1JCY3oxRWIyNGxNamQwSzFOMFlYSjJaUzVsZUdVPQ==

http://www.giftchuckleflash.com/WVl6OTRQVVp6ZW04MGRtMDBVMVpMZVRCaFRUWXlXV2wzZFV0SFZIWmpSbFZNU21aVU0xQXpaWEV4TmtNNE1HOGxNMFFtWXoxbkpUSkdiVE5SYTBWU1MxVk1RWGwzZFdKd1JFdERRbkZJVTBKVldGQWxNa1lsTWtKUmJXZEhPVU5VUVhWVVNtNVBkekZQYkRsVVdXVmpaM1poTlc1SlN6SllRamM1WjBSVGIwUkJTM2hEVVcxbGJXNUxia05VZUVGbE1sTmlZbmMwVlRrNFV6Wk9jRWtsTWtaM2FFSnBkV1pLTjFCRmNIcFNVM2t5T1hocWExa3dKVEpDWW1GRlJtNU9kVXhFSlRKR1owbDFNa1pvWWtGc2NVWWxNa0o2V2xKMmR5VXpSQ1V6UkNabFBUQW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQnpKVE5CSlRKR0pUSkdjMlZqZFhKbExtbHVibTlrYkM1amIyMGxNa1pWVXlVeVJuUmxjbkpoY21saExtVjRaU1V6Um5OMEpUTkViakpOYkZVdE9VUmFTSGMzVTBrM2VUTTJTRGhyUVNVeU5tVWxNMFF4TkRZM056RTBOakE0Sm1SdmQyNXNiMkZrUVhNOWRHVnljbUZ5YVdFdVpYaGw=

http://www.bytesendclear.com/WVl6OTRQVmRWZHpWNWFuRjJNRTVPTURSVmRuWjZVazFtTVVWaGVFb3pPU1V5UmpSdFNsQlFSV1pCY0RKR1pqQTVXU1V6UkNaalBVc3libVZLZERSUlN6QTFhRTV5Wm00M1pYVjVVR2N4YTNaaWF6WnJUWFZqZVU1V2EwTkxTVVZzSlRKR0pUSkNkRFZYUldVM04yTnBOVEJaUlUxSlUzSnpVRXhwUTNOSEpUSkdlV1pGY2xCM2RsbEhZeVV5UW5wWU9VVWxNa0pRWTBkNE1GTnZTSG93YmsxV1VHSXlOMEl3SlRKR2NHSkhlRUk1WVNVeVJtRnZRVmRxUVVGSmJqRnpVWHBvYW00MFZFVnphRlZMZEhWRk1tTklWME5uTkZaSlVIcG5KVE5FSlRORUptVTlNU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6WVNVeVppVXlabVpwYkdWekxXUnZkMjVzYjJGa0xuQnZjbUZrYm1sclpHOW5jbmt1Y0d3bE1tWkhjbmxKVW05NmNubDNhMkVsTW1aRGVXWnliM2RoUkhsemRISjVZblZqYW1GSGFXVnlKVEptUjA5SFIyRnNZWGg1SlRKbVoyOW5aMkZzWVhoNUxtVjRaU1prYjNkdWJHOWhaRUZ6UFZKaGVXMWhiaXN5SzFSb1pTdEhjbVZoZEN0RmMyTmhjR1V1WlhobA==

http://www.bytesendclear.com/WVl6OTRQVWhvT1ZGcVRHbHlkazVwTmxOemIxUnZKVEpHVEVaSlpFcGhPWGcwZVZVbE1rSWxNa1lsTWtaclZraHpUeloxYkdNbE1rSTBKVE5FSm1NOVMxRlFVRlJqSlRKR0pUSkdaMFZ1TkVWRlkxUk5NV2hVZVRack1IbEJhMmN5VGtsNFRraHJjVFJSVGpoUUpUSkdlV3RQUVc1VmRDVXlSamxOUldKSFpGQldWMkZGTUVGeWRWTk1WbGQwWjFOamFtMXhVMjFaYkVOMk5qUnpVV2s0Ym1kTU9ITkVOSFZUUmtKNWJHaDVUMmhVZWpWdFZVZHJkR1JZU0hOMWJVTm5Xa2x3WjNKMFRtdzVVamh1WVRsaWJUQnpSRkYyUkhSeVlYVm9ZVUVsTTBRbE0wUW1aVDB4Sm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3SlROaEpUSm1KVEptWm1sc1pYTXRaRzkzYm14dllXUXVjRzl5WVdSdWFXdGtiMmR5ZVM1d2JDVXlaa2R5ZVVsU2IzcHllWGRyWVNVeVprTjVabkp2ZDJGRWVYTjBjbmxpZFdOcVlVZHBaWElsTW1aSFQwZEhZV3hoZUhrbE1tWm5iMmRuWVd4aGVIa3VaWGhsSm1SdmQyNXNiMkZrUVhNOVYybGxaQ1ZqTlNWaVlXMXBiaXN6SzBSNmFXdHBLMGR2Ymk1bGVHVT0=

http://www.bytesendclear.com/WVl6OTRQVzhsTWtKd2R6ZHBOR0pRWTA4d1YzcExkVFEzWWtaNVpscERRakJaWVUxa1JHOTVhM2w0VTNGb1ZVMHpaeVV6UkNaalBVTldNRU50YjJ4Q2RqYzVablpLWjI1QmNVUkdaU1V5UWpsS2JVOUVialZsU1docmJVMUhNVkpFV25CNE0zSnRObTFDTWxoWVJWZFVjMHREY1U1VWEyMWFZbkJhYzJWSFJXTkJWMnQxY1dZNGN6Z3haSEJ6U2tOb1NHSTViMkpRYlV0cEpUSkdURkZOZDBkc2FrZHJiMGd5Y1ZOcllqaEdNVEZOYlNVeVJucDRWa2wzY1dkWWRFdDVWV3RGYW5WRWFWTllPVVJ6VTNOYVVEZzRRU1V6UkNVelJDWmxQVEVtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTJFbE1tWWxNbVptYVd4bGN5MWtiM2R1Ykc5aFpDNXdiM0poWkc1cGEyUnZaM0o1TG5Cc0pUSm1SM0o1U1ZKdmVuSjVkMnRoSlRKbVEzbG1jbTkzWVVSNWMzUnllV0oxWTJwaFIybGxjaVV5WmtkUFIwZGhiR0Y0ZVNVeVptZHZaMmRoYkdGNGVTNWxlR1VtWkc5M2JteHZZV1JCY3oxWGFXVmtKV00xSldKaGJXbHVLek1yUkhwcGEya3JSMjl1TG1WNFpRPT0=

http://cdn.gog.com/open/galaxy/.../setup_galaxy_1.1.10.47.exe

Scan setup_galaxy_1.1.10.47.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.