cp_ga.exe

CeedoInstaller

CEEDO TECHNOLOGIES (2005) LTD

This is a setup and installation application. The file has been seen being downloaded from ceedo.en.softonic.com and multiple other hosts.
Publisher:
Ceedo Technologies Ltd.  (signed by CEEDO TECHNOLOGIES (2005) LTD)

Product:
CeedoInstaller

Version:
4, 8, 0, 1

MD5:
bdf5a9579608d4bce78dba16cd2a930a

SHA-1:
40e1768f11fd5b368524a2eb02fea8de92a0b8de

SHA-256:
4fbd593d9e8815937513402e86c103befc2619eca00f38913b0b4783acc418ff

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 4:52:59 PM UTC

File size:
1.4 MB (1,422,512 bytes)

Product version:
4, 8, 0, 0

Copyright:
Copyright © 2005-2012 Ceedo Technologies Ltd.

Original file name:
CeedoInstaller.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
Thawte, Inc.

Valid from:
9/23/2010 8:00:00 AM

Valid to:
11/10/2012 7:59:59 AM

Subject:
CN=CEEDO TECHNOLOGIES (2005) LTD, OU=SECURE APPLICATION DEVELOPMENT, O=CEEDO TECHNOLOGIES (2005) LTD, L=Rosh Haayin, S=Sharon, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
40AD18F8D2DD8AE7EC7CCCE951BA536F

File PE Metadata
Compilation timestamp:
9/6/2012 2:56:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:vDY9UrIN7ZG9WqldR0MXZRJdIip5yN7UNVhtOv1tbh9YHkfU+Q+ejRE:OUa2LTdIiKN7Ult8/fYHqQ+e

Entry address:
0x195DA

Entry point:
E8, CD, 99, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, 66, 8B, 54, 24, 08, EB, 07, 66, 3B, CA, 74, 11, 40, 40, 0F, B7, 08, 66, 85, C9, 75, F1, 66, 39, 10, 74, 02, 33, C0, C3, 8D, 44, 24, 10, 50, 6A, 00, FF, 74, 24, 14, FF, 74, 24, 14, FF, 74, 24, 14, E8, C6, F5, FF, FF, 83, C4, 14, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A4, 01, 00, 00, 81, F9, 00, 01, 00, 00, 72, 1F, 83, 3D...
 

Entropy:
7.7585  (probably packed)

Code size:
304 KB (311,296 bytes)

The file cp_ga.exe has been seen being distributed by the following 8 URLs.

https://ceedo.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAO7ssCxytyg/.../t7ZDyJXxDQ5cI7NLB7Y=

http://gsf-cf.softonic.com/9a8/28c/.../file?SD_used=0&channel=WEB&fdh=no&id_file=55588&instance=softonic_en&type=PROGRAM&Expires=1475892813&Signature=H7bP8yA9OYRURb9ihjLfn8Vvb8OfUEwEy7KTE1nLoU-M736mDPg-K6vKgiKhn3q2F1wqK4vk5-RnEVEIgUl3zybb9NLAU-yzElc1BQTOJuG9U9A1CR5Wx-RegPS5nignlyk~FXCpieXI9Hreyp5Ut6q1DCvdLN302h-ETSjlzjo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cp_ga.exe

http://www.downloadcrew.co.uk/?act=software.download&id=28531&t=1472427930&c=1d2c8f69b396b104b21252c06ea8a1cfff4effd2
