00000000

Get your downloads

Maxiget Limited

This is part of a bundled installer which provides applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file 00000000 by Maxiget Limited has been detected as adware by 36 anti-malware scanners. The file has been seen being downloaded from ds212.maxiget.com and multiple other hosts.
Publisher:
Company #1  (signed by Maxiget Limited)

Product:
Get your downloads

Version:
3, 1, 23, 0

MD5:
3e5b8cc6bae86212b953aad20fe7dc65

SHA-1:
e8a86e8e9e3f00cd1c1cb1f3ace401309d891b51

SHA-256:
40ef47f642eaafe8e777794ae8d06af7479dd7eebc264aaad7106ad5bd39327d

Scanner detections:
36 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Analysis date:
12/26/2024 3:06:39 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Generic.993281
393

AegisLab AV Signature
Troj.Dropper.W32.Agent
2.1.4+

Agnitum Outpost
PUA.Downloader
7.1.1

AhnLab V3 Security
PUP/Win32.Downloader
2014.03.06

Avira AntiVirus
Adware/Delta.H.17
7.11.177.168

avast!
Win32:FourShared-AI [PUP]
2014.9-160107

AVG
Adware BundleApp
2017.0.2871

Baidu Antivirus
Adware.Win32.Maxiget
4.0.3.1617

Bitdefender
Adware.Generic.957134
1.0.20.35

Bkav FE
W32.Clod84a.Trojan
1.3.0.4562

Clam AntiVirus
Win.Trojan.4shared-19
0.98/21411

Comodo Security
Application.Win32.Graftor.KLK
17889

Dr.Web
Adware.Downware.1751
9.0.1.07

Emsisoft Anti-Malware
Adware.Generic.993281
8.16.01.07.09

ESET NOD32
Win32/4Shared (variant)
10.9170

F-Prot
W32/A-35b3d9ee
v6.4.7.1.166

F-Secure
Adware.Generic.993281
11.2016-07-01_5

G Data
Win32.Trojan.TorrentNZ
16.1.24

IKARUS anti.virus
AdWare.Delta
t3scan.1.7.8.0

K7 AntiVirus
Unwanted-Program
13.183.13642

Malwarebytes
PUP.Optional.4Shared
v2016.01.07.09

McAfee
Artemis!BB39D90B74D5
5600.6527

MicroWorld eScan
Adware.Generic.957134
17.0.0.21

NANO AntiVirus
Trojan.Win32.GetFaster.ctshtu
0.28.0.58394

Norman
Adware.Generic.993281
11.20160107

nProtect
Trojan/W32.Agent.139784.G
14.10.10.01

Qihoo 360 Security
Win32/Virus.Adware.768
1.0.0.1015

Quick Heal
Trojan.Badur.MUE.A5
1.16.14.00

Reason Heuristics
PUP.New IT Limited.Maxiget (M)
16.1.7.21

Rising Antivirus
PE:PUF.4Shared!1.9C25
23.00.65.16105

Sophos
4Share Downloader
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Downloader
9399

Trend Micro House Call
TROJ_GEN.F47V0215
7.2.7

Vba32 AntiVirus
Backdoor.Androm
3.12.26.3

VIPRE Antivirus
Adware.Win32.4Shared.a
27102

Zillya! Antivirus
Downloader.GetFaster.Win32.39
2.0.0.1927

File size:
310.7 KB (318,176 bytes)

Product version:
3, 1, 23, 0

Copyright:
Copyright (C) 2013

Trademarks:
TM(c)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\spark\user data\default\file system\001\t\00\00000000

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
8/15/2013 1:41:32 PM

Valid to:
8/15/2016 1:41:32 PM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, L=Limassol, S=Cyprus, C=CY

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
045BA815265145

File PE Metadata
Compilation timestamp:
12/26/2013 7:03:42 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:6duDCloyI5uf6wG16nO4CXGm6Jsd7ir2/z0uxIBqesCJEcjpwsJHuLVz4+zyFHPV:rDRBR6nQ02b5GJnp4L/mHs3xG

Entry address:
0x25DF1

Entry point:
E8, 5C, 89, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B...
 
[+]

Entropy:
6.3727

Code size:
223.5 KB (228,864 bytes)

The file 00000000 has been seen being distributed by the following 6 URLs.

Remove 00000000 - Powered by Reason Core Security