gwave568.exe

GoldWave Inc.

This is a setup and installation application. The file has been seen being downloaded from software.oldversion.com and multiple other hosts.
Publisher:
GoldWave Inc.

Description:
Installer Program

Version:
1.2.0.0

MD5:
b4e8ca2fd115b9ded7754c15ba072b7f

SHA-1:
8e03cb3771abc1bcf9566328b289fac2c154d697

SHA-256:
058e1d3ef241d83d822f6f66880bbb0eb42cacefb0702e3ed40e4542a0be671b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
9/25/2018 10:24:37 PM UTC  (today)

File size:
7.6 MB (7,950,094 bytes)

Product version:
1.2.0.0

Copyright:
Copyright © 2012 GoldWave® Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\gwave568.exe

File PE Metadata
Compilation timestamp:
1/24/2013 11:34:50 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
98304:0cCpLFO+//A3XDR9o8zKYZED+wh75wzc2cVchY2U1LF+XPvwjSpidikfeYpEX1SL:TYFvBSZ1EGzcP66B+/IjX3ebX1SL

Entry address:
0x1104

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, C0, 42, 00, A1, 9F, C0, 42, 00, C1, E0, 02, A3, A3, C0, 42, 00, 52, 6A, 00, E8, 63, A0, 02, 00, 8B, D0, E8, EA, D7, 01, 00, 5A, E8, 24, BE, 01, 00, E8, E3, D7, 01, 00, 6A, 00, E8, 54, EA, 01, 00, 59, 68, 48, C0, 42, 00, 6A, 00, E8, 3D, A0, 02, 00, A3, A7, C0, 42, 00, 6A, 00, E9, 0B, 7B, 02, 00, E9, 86, EA, 01, 00, 33, C0, A0, 91, C0, 42, 00, C3, A1, A7, C0, 42, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, A4, 00, 00, 00, 0B, C9...
 
[+]

Entropy:
7.9874  (probably packed)

Code size:
172 KB (176,128 bytes)

The file gwave568.exe has been seen being distributed by the following 25 URLs.

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ2OTg0ODA5MjtzOjI6ImlkIjtpOjkyMjA7czo0OiJmaWxlIjtzOjEyOiJnd2F2ZTU2OC5leGUiO3M6MzoidXJsIjtzOjQ2OiJodHRwOi8vd3d3Lm9sZHZlcnNpb24uanAvd2luZG93cy9nb2xkd2F2ZS01LTY4IjtzOjQ6InBhc3MiO3M6MzI6Ijc5NDYyYmI3MzQzNzI1YjVjNWViMjE0YWVjYjNjYWI2Ijt9

http://download679.mediafire.com/q6u399f7y5mg/.../gwave568.exe

https://archive.org/download/.../gwave568.exe

http://download679.mediafire.com/lr52hl7lhqpg/.../gwave568.exe

http://download1095.mediafire.com/wte9t7ucuprg/.../gwave568.exe

http://download1633.mediafire.com/3k0u30uqsevg/.../gwave568.exe

http://download644.mediafire.com/8do9aooh1qpg/.../gwave568.exe

http://download1970.mediafire.com/g9eb639qe8wg/.../gwave568.exe

http://61.222.3.60/29e21865ab87462167d32d6c09274125/softking/soft/sale/.../gwave568.exe

Scan gwave568.exe - Powered by Reason Core Security