00000000

Get your downloads

Maxiget Limited

This is part of a bundled installer which provides applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file 00000000 by Maxiget Limited has been detected as adware by 36 anti-malware scanners. The file has been seen being downloaded from ds212.maxiget.com and multiple other hosts.
Publisher:
Company #1  (signed by Maxiget Limited)

Product:
Get your downloads

Version:
3, 1, 16, 0

MD5:
494cb166cb8226632a9dec9af8974655

SHA-1:
8d76e35507c7513bdeee57e2e94e4d4b7d5c5384

SHA-256:
994eed5cec0fa032eee662d07cebc90ba7b8084e257bbc74123360e83f9a0530

Scanner detections:
36 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Analysis date:
11/23/2024 5:51:43 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Generic.993281
383

AegisLab AV Signature
Troj.Dropper.W32.Agent
2.1.4+

Agnitum Outpost
PUA.Downloader
7.1.1

AhnLab V3 Security
PUP/Win32.Downloader
2014.03.06

Avira AntiVirus
Adware/Delta.H.17
7.11.177.168

avast!
Win32:FourShared-AI [PUP]
2014.9-160117

AVG
Adware BundleApp
2017.0.2861

Baidu Antivirus
Adware.Win32.Maxiget
4.0.3.16117

Bitdefender
Adware.Generic.957134
1.0.20.85

Bkav FE
W32.Clod84a.Trojan
1.3.0.4562

Clam AntiVirus
Win.Trojan.4shared-19
0.98/21411

Comodo Security
Application.Win32.Graftor.KLK
17889

Dr.Web
Adware.Downware.1751
9.0.1.017

Emsisoft Anti-Malware
Adware.Generic.993281
8.16.01.17.08

ESET NOD32
Win32/4Shared (variant)
10.9170

F-Prot
W32/A-35b3d9ee
v6.4.7.1.166

F-Secure
Adware.Generic.993281
11.2016-17-01_1

G Data
Win32.Trojan.TorrentNZ
16.1.24

IKARUS anti.virus
AdWare.Delta
t3scan.1.7.8.0

K7 AntiVirus
Unwanted-Program
13.183.13642

Malwarebytes
PUP.Optional.4Shared
v2016.01.17.08

McAfee
Artemis!BB39D90B74D5
5600.6517

MicroWorld eScan
Adware.Generic.957134
17.0.0.51

NANO AntiVirus
Trojan.Win32.GetFaster.ctshtu
0.28.0.58394

Norman
Adware.Generic.993281
11.20160117

nProtect
Trojan/W32.Agent.139784.G
14.10.10.01

Qihoo 360 Security
Win32/Virus.Adware.768
1.0.0.1015

Quick Heal
Trojan.Badur.MUE.A5
1.16.14.00

Reason Heuristics
PUP.New IT Limited.Maxiget (M)
16.1.17.20

Rising Antivirus
PE:PUF.4Shared!1.9C25
23.00.65.16115

Sophos
4Share Downloader
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Downloader
9379

Trend Micro House Call
TROJ_GEN.F47V0215
7.2.17

Vba32 AntiVirus
Backdoor.Androm
3.12.26.3

VIPRE Antivirus
Adware.Win32.4Shared.a
27102

Zillya! Antivirus
Downloader.GetFaster.Win32.39
2.0.0.1927

File size:
223.9 KB (229,264 bytes)

Product version:
3, 1, 16, 0

Copyright:
Copyright (C) 2013

Trademarks:
TM(c)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\google\chrome\user data\default\file system\001\t\00\00000000

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
8/15/2013 1:41:32 PM

Valid to:
8/15/2016 1:41:32 PM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, L=Limassol, S=Cyprus, C=CY

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
045BA815265145

File PE Metadata
Compilation timestamp:
11/29/2013 11:35:47 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:+eOv6gKZ8wKfPPckq+9SzP+2+mNLqz1BCDJw6w+gs0FHPfrKaDk:a6grhfXRUzWpz1cDy62dXVk

Entry address:
0x123D1

Entry point:
E8, DD, 89, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B...
 
[+]

Entropy:
6.5034

Code size:
143.5 KB (146,944 bytes)

The file 00000000 has been seen being distributed by the following 5 URLs.

Remove 00000000 - Powered by Reason Core Security