» GetGoDM.exe
Overview
Analysis
File Details
Behaviors (1)

GetGoDM.exe

GetGo Download Manager

GetGo Software Ltd.

File name:

GetGoDM.exe

Publisher:

GetGo Software (signed by GetGo Software Ltd.)

Product:

GetGo Download Manager

Version:

4, 8, 5, 1687

MD5:

2710e9aebd737b796469f4e6a29e6b16

SHA-1:

241b2908dc56d67508a0dc54d9d1296e7df98125

SHA-256:

59f45f8c63967ba7d003a2f26225407c855edc6ca99b115b041abe178dfd92dd

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/25/2024 3:22:43 AM UTC (today)

Scan engine

Detection

Engine version

IKARUS anti.virus

Trojan-Spy.Zbot

t3scan.1.8.9.0

File size:

3.5 MB (3,679,344 bytes)

Product version:

4, 8, 5, 1687

Original file name:

GetGoDM.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\getgo software\getgo download manager\getgodm.exe

Digital Signature

Signed by:

GetGo Software Ltd.

Authority:

COMODO CA Limited

Valid from:

12/20/2012 3:30:00 AM

Valid to:

12/21/2014 3:29:59 AM

Subject:

CN=GetGo Software Ltd., O=GetGo Software Ltd., STREET=1840 Knutsford Place, L=Victoria, S=BC, PostalCode=V8N 6E4, C=CA

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00EF51E3D40CEB9F88AEF48ADACCEF46E4

File PE Metadata

Compilation timestamp:

3/25/2013 10:48:07 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:14XibjQe6RpAo75BPhGLl4z5xXo2fzp6BvdKeEb3KMRT9SIbzcVYt1OsSIEUcj:1moUe6RpAA5BwBExXo2rg/2zEa7Osy

Entry address:

0xF011B

Entry point:

E8, 04, DC, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, 56, 8B, 75, 08, FF, 75, 14, 8D, 4D, F0, 89, 75, 08, E8, B6, A6, FF, FF, 33, DB, 3B, F3, 75, 2D, 39, 5D, 10, 74, 28, E8, 1E, 04, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 60, A6, FF, FF, 83, C4, 14, 38, 5D, FC, 74, 07, 8B, 45, F8, 83, 60, 70, FD, 33, C0, EB, 7F, 8B, 4D, 0C, 3B, CB, 75, 05, 39, 5D, 10, 75, CC, 8B, 55, F4, 39, 5A, 08, 75, 1B, FF, 75, 10, 51, 56, E8, DF, F6, FF, FF, 83, C4, 0C, 38, 5D, FC, 74, 59, 8B, 4D... 
[+]

Entropy:

6.6627

Code size:

2.4 MB (2,466,304 bytes)

Internet Explorer Extension

Name:

{01A13E40-2F55-4397-B39B-7851BCFB8008}

Scan GetGoDM.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.