» bh-setup-ngt.exe
Overview
Analysis
File Details
Downloads (13)

bh-setup-ngt.exe

BlackHawk Web Browser

NETGATE Technologies s.r.o.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

bh-setup-ngt.exe

Publisher:

NETGATE Technologies s.r.o. (signed by NETGATE Technologies s.r.o.)

Product:

BlackHawk Web Browser

Description:

BlackHawk Web Browser Setup

MD5:

f77ab864bf005e07006abdfe00a76381

SHA-1:

f618c5cc1096b22e6b655b13a7060d70cf771973

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 10:31:34 AM UTC (today)

File size:

21.8 MB (22,849,208 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Yansiz Dil

Digital Signature

Signed by:

NETGATE Technologies s.r.o.

Authority:

VeriSign, Inc.

Valid from:

3/31/2011 3:00:00 AM

Valid to:

4/20/2012 2:59:59 AM

Subject:

CN=NETGATE Technologies s.r.o., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NETGATE Technologies s.r.o., L=Prievidza, S=Slovakia, C=SK

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

2ECC1DFC1728AF219853131958879016

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

393216:VFygNROFiMArcDwpyAu9qQpU/jwb79dMc3u0cizhztY5vk1TdMrMEIWDI:V02ROFiZCwpyXQ/UH9iKukFeK1TdMgBr

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file bh-setup-ngt.exe has been seen being distributed by the following 13 URLs.

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1475273582&Signature=Q1lPltjauB6NtY1KXESJ~8w9QcjLXtUcxOxXX3~3xczTHyuI~9ief4PRA3f-aN6FZ14bRii8A6z7UguhOwoIcs8uVJSSakmr3MrNMkBN8WzHF~P3yNdlC5sNcHqRkmHut236rG0dWoFOlMz5YtooaV8-RrLSG5bFV5-j4PDqOSc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1442445844&Signature=J2ukNSoYGecMxoaUyIVP6T7DEpFhpa3Rh0fw8mJjP6rahOel0G2crhOpdP1DquAejASJcA31IIYYM4lukj1b4e87bI24xEO-K-5aM5uaQeT~zQqfZ-zKpi0T~tFS8tzsG~75~qJ3RWR9z4ERlPpiFzH9UmvTEL8TCjfKnjX0JW8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1477457599&Signature=PKPUZ5OVdTaf3gJLGiE3stM52xcpUdZN8CDpfi-d9GcOBJzaojvmz9m2JALuVhcv0VQu3FDZkXZMZvzFbvpE5449pQn92Wf5HxEr9vqxVWZteHMFNNsS7tV9-pHLLkbnfrcZV2aDmL8vpx7vP4ZNIIKn4yjja0sR5pX~ngHVDnU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1477966363&Signature=TQgC113HpLrMaPaIx1E4v-B5KMdrTxzTlBxkat5aAUV2sy6BsiPZcjD6Is4fLRqjSLZCN6oVmnN5J5qLgXjIMs9YeAOIFj5OTNFBOfGEHIubXvfO1j2UNDCUjnRHztDm0HUcLz5n8TGF5VYHi8e19tkfLkP~3-4iZDnTAkAeEa4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1479383761&Signature=UowZUqvTZ2c4RN35445upHB9kwjSAjEgBs7F5klKRzu1SY-UYgqhTwcSZiNa-lDLWagkFxvK5YvlvyyKDBPxejdxJu-IeJfNJtajtb83UDSY-0tFiknQm7AqamLQH2t~mKkJUpf8E3v-mhQFtt0KP8i4LKq93Ku0shaHIaiWLf0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://securefilecloud.net/.../blackhawk-web-browser.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1476839756&Signature=EN5jo21DBoEjz257a8PC2xGhC8PLirOUggfxL-0PCel1zwZ1Z1Y3WbmTwcggx7zHEOfAlJxuDTW~-kCaS9X0glM0~ypWcR3Q7HjrIpJ114nZloIaFrRIXVqVzSRhDiLveFGfFpcnlc~ZgKsjHQ3NYb6e6TLMIqAdoqLyrGu1vPI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1477364426&Signature=Z1eaag~ttHrM2i~Nmc9LPE9kdB93jweVKyRh04U3HftoorWXpn2TfVv~w59mKihLyxxM~df48gZ4tfGvPRi1vzKs~bh2l6w8zGfQedBZbcFSeW4NZhs60IhQsMLmJUXD1lOW6zILb7JTQ7toLlqSM4-OYs1b3-4-B~YzJ2zRQ28_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1471059547&Signature=dpnRW6KLF4vPz2ig8n65b8aL8uUpHzoHQjIjof9etJD5G2CBU2qwwHeQajNMfkYGxzhwhpBwDXATsHZX6lbdm0aaRZiDzTxMoEINMGDGxukb1p4zJLOVYz2G0Vop8PKxkWvPWHYnWLwZ1AYeboYFXqyVolxdkWnM7GFDVHzckIA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1460717678&Signature=XuqOA-DODOi45fVtUYBTpegw4phLjh~CMvDkvN4rJaRW0kt~WoIyMMm~xoOthNROunqXY3pACpCPTylkR9XzdedNFuJI2b8gRisDdTMBlqok08TbFAgTBMlbIF2e7adhYahlVBayGrbQZDRnJIJSO8kyW-q63k-lEWPQbeOAXAM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1458894138&Signature=LLtc-ci6Y8grYNdqgvUT1DatmPTy~p5g5eD-LEpTcgtrBIXdG1rTP-OjpCx-8NxZgaWKDtNrYVzUVYnpQU7UkQT8KpzY9QW2fu~-uF7VPxLEI~CqbaXRxbT6OgRB7pYv7bIAQTCwg-ozOaONMuvBb3dZiF86PUxGgJqMOzedE2Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1446361733&Signature=OuEjLm3re5xKuxQ8S2gkntXvO2hEib04iFk6kwcDQxRyXsQCpUi7QVMC1D89mlYqjqp86QzGnZge3g2fpAng-hZBDqej-S2-R-oo29b-sPDZNg8yyh72hvYOZ26A4NLgujx3ji4CqUVRn-s63thqhZ1JJHjdIiS~UPSBmPYG2dQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=bh-setup-ngt.exe

http://gsf-cf.softonic.com/f61/8c5/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335934&instance=softonic_en&type=PROGRAM&Expires=1429987141&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=dMixNPJW2UiZOCuSvhxCoE7UAQgmdhsZ3fkpKoWfsXuyPecVtEwvhG5SWsr0BlO2ItvkxtgSw1UvBuLO5pu-HJoFVBgMSuPp~gVqUjbjGdoPpTBvczR67fkT0VFbVJfe6QJ-f-pcHHpAo-J5YMXWW20ty-dbLK7cLuaTmyYPj-w_&filename=bh-setup-ngt.exe

Scan bh-setup-ngt.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.