fg680far.exe

Freegate Application

Dynamic Internet Technology Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from mg.mail.yahoo.com.

Publisher:
Dynamic Internet Technology, Inc. (signed by Dynamic Internet Technology Inc.)

Product:
Freegate Application

Description:
Fast and Secure Gateway to Internet Freedom

Version:
6, 8, 0, 0

MD5:
e4277e3983af7ded1c47f3543cbdb920

SHA-1:
93119aa0f603905c6b37cc5d3e691fab655308cb

SHA-256:
a77c07269821a7db5c806d7626e7124ae11d9e32bf1e2ff8ccd06794eef7b8dd

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/24/2024 4:02:07 PM UTC

Scan engine:
Agnitum Outpost

Detection:
Packed/PECompact

Engine version:
7.1.1

File size:
398.4 KB (407,944 bytes)

Product version:
0, 0, 0, 0

Copyright:
Copyright (C) 2003-2008

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\fg680far.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
10/7/2008 3:30:00 AM

Valid to:
10/8/2011 3:29:59 AM

Subject:
CN=Dynamic Internet Technology Inc., O=Dynamic Internet Technology Inc., STREET="2731 NC Highway 55, Box# 240", L=Cary, S=NC, PostalCode=27519, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
0090F7A8DE5D2837332391FB428284913A

File PE Metadata
Compilation timestamp:
2/13/2009 8:13:47 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:Qdo9G2RAAbPpIQSQIf7V7V5bH/cxmUcpPbEm5MknUdOwNFQ6:qo9f+dQIf7VTbU0Em5Mfj

Entry address:
0x1000

Entry point:
B8, AC, 83, 4C, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 47, 9F, 1E, 7B, 7B, B8, D1, 1D, 8D, 55, F0, 5B, 1A, 1D, 5F, D2, B4, 6B, 45, 53, 9E, DC, AF, 51, FB, 12, 3C, EA, 87, 0D, F2, FA, 7D, DA, A1, 83, 06, 46, 37, 59, 19, BE, F4, A3, 47, 74, A8, 79, 9B, DB, 3E, 93, 7F, 02, 5F, C0, 99, D6, FF, FB, F4, 54, E2, 10, 97, 36, 94, AD, 29, 93, 7F, AE, 84, 66, 58, EA, D1, F0, 4A, 1B, F1, EA, 12, 39, 16, 76, D9, FE, 4A, 0D, 43, 60, 38...

Entropy:
7.9734

Packer / compiler:
PECompact v2

Code size:
776 KB (794,624 bytes)

The file fg680far.exe has been seen being distributed by the following URL.

https://mg.mail.yahoo.com/.../download?mid=2_0_0_2_441481_ADUJDUwAAEyVTpSH2wPn3W2yxko&fid=Sent&pid=2&clean=0&appid=YahooMailNeo
