yed-3.5.0.2_with_jre_setup.exe

yEd Graph Editor

yWorks GmbH

This is a self-extracting archive and installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
yWorks GmbH  (signed and verified)

Product:
yEd Graph Editor

Version:
3.5.0.2

MD5:
2056a8432f9f2fecfc821f5f7853d362

SHA-1:
687dc4803bd0722ced843669a3b14f9e15b10a24

SHA-256:
7d230c2ef70981ef8994aac16627a8ec6bd5f41d3d44f9c39e00fbbedc443f58

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 10:34:18 PM UTC  (today)

File size:
37.6 MB (39,470,264 bytes)

Product version:
3.5.0.2

Copyright:
yWorks GmbH

Original file name:
unsigned_yEd_with_JRE_setup.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\yed-3.5.0.2_with_jre_setup.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
8/12/2008 8:00:00 PM

Valid to:
11/8/2010 6:59:59 PM

Subject:
CN=yWorks GmbH, OU=Unknown, O=yWorks GmbH, L=Tuebingen, S=Baden-Wuerttemberg, C=DE

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
31472F13C77860AB930F69FABB6F7A86

File PE Metadata
Compilation timestamp:
1/12/2009 12:42:07 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
786432:wIaeZopRepUAPSuKiA4efZWH0PKHJ9GGY0kaII6mLa6:OeZ+QVNB6ekaLh26

Entry address:
0x11F8

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9993  (probably packed)

Code size:
166.5 KB (170,496 bytes)

The file yed-3.5.0.2_with_jre_setup.exe has been seen being distributed by the following 11 URLs.

http://gsf-cf.softonic.com/687/dc4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=117800&instance=softonic_en&type=PROGRAM&Expires=1475067744&Signature=Vk28M0rk5fJzK6ypZoOK8HoY9mBzBihgTdw74me9LGEKho82ih8DeoJQKN018O98aezv2QWZCYRkc1lupgQClCMMUeWwudJYP-JSeDu20nw6wuDOw5ek3ZvH9l1zaRBy-HJSr0hIooysWfBmpzdKkKrbEyvtZO5fBnKgMCk1LBo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=yEd-3.5.0.2_with_JRE_setup.exe

http://gsf-cf.softonic.com/687/dc4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=117800&instance=softonic_es&type=PROGRAM&Expires=1462654296&Signature=JO-tAB2dsbHYShJMMQiLfiUmJWXyHiRqzwdCQ~B-st0CmLtULvdwlDUSEG1KXgNDuCC~tjc0dnjfFmctdhoXPb-2u1CSbKzfabTQ4kPPPAl5vrX6z0ZhWApu6qx4ctkwFpSFmsFMzvmq6jSJA1UT0-hzWQmCF6GeeExwRK2~BG0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=yEd-3.5.0.2_with_JRE_setup.exe

http://gsf-cf.softonic.com/687/dc4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=117800&instance=softonic_es&type=PROGRAM&Expires=1445045589&Signature=O2fQho4kdPQZ1B6~P67-L34CAiGafAlat~XbdVSiTQHHDCmarK3oBzh5uFF-wuXVH6BHN-veY8iBAJNXMzAvtI2U657gTIm9KMAhX6h0w8LoGD1lkySqfOr4W6~RC~TxG3Zoe2hbps1Optr7QMow9YweqqQcpxz4djpzhiRgoSI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=yEd-3.5.0.2_with_JRE_setup.exe

http://gsf-cf.softonic.com/687/dc4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=117800&instance=softonic_es&type=PROGRAM&Expires=1447475535&Signature=UtCLE9-wz71A8WibIW2zxBedS0DKi2usAJt~NUA4dsSsoLfXjhzisNEswgANvagFMHhtcB5Bsi7-ATu6x2gDM2qxdlGFN85AQ2udVuteaI2OKj3nRcWqpj~JG78~iF8Hy8zs5g6TmINX21GBXUGlcmn6WjUJ5pEH1QnLZUWQYW0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=yEd-3.5.0.2_with_JRE_setup.exe

http://gsf-cf.softonic.com/687/dc4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=117800&instance=softonic_es&type=PROGRAM&Expires=1469456306&Signature=PWxSzHZmMlEb2G1dlF3qbr3GWiCXc7y~XwCV5TDrXrsxlutcQuMWNbkSspcbHaaWloSjr9ORYYiuGPIZ~cQWvbCu9nvSxYNjAlUP4-I7IkyXQpdEauj46tSbMD7bWYspr9I5i-l~8xp339P2oabAwbfzcjgKiQw9q1G1rcifvUA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=yEd-3.5.0.2_with_JRE_setup.exe

http://gsf-cf.softonic.com/687/dc4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=117800&instance=softonic_es&type=PROGRAM&Expires=1479130290&Signature=ZOQr~d5dMRDIbnLUpI2ER4Wi-38~lcHoF1RWuzggmitw2ZFDkD8sjfYqVnlbLdxZ7Mb5HqwxufIh4e5DbSvzq0U3uJj5S2Yp7xV4z9QA9P9uOQh99ywc3onUwCi3g7kZc6fh-3VgOQs31WWtQIZLEeURUluYMevgctJMnuUL8xM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=yEd-3.5.0.2_with_JRE_setup.exe

https://drive.google.com/uc?export=download&confirm=l1Yc&id=0B9RoB6qRBaXIcksxZU03b2FwdDA

Scan yed-3.5.0.2_with_jre_setup.exe - Powered by Reason Core Security