01 imperadores 1991.exe

Get your downloads

Maxiget Limited

This is a bundle installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application 01 imperadores 1991.exe by Maxiget Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the New IT Desktop Setup installer. The file has been seen being downloaded from dc705.4shared.com.
Publisher:
Company #1  (signed by Maxiget Limited)

Product:
Get your downloads

Version:
3, 1, 23, 0

MD5:
b59d41019764dcf182e3aee3becbd558

SHA-1:
d00946647a0c85b7f15f610a40c8face9077d3d0

SHA-256:
e2c94463f52ca1756833a03356a0cbdb3b4b39e0d8cf2c53be8a463e27055e93

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 8:25:01 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.New IT Limited.Maxiget.Bundler (M)
16.5.22.5

File size:
310.4 KB (317,800 bytes)

Product version:
3, 1, 23, 0

Copyright:
Copyright (C) 2013

Trademarks:
TM(c)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
New IT Desktop Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\01 imperadores 1991.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
8/15/2013 3:41:32 AM

Valid to:
8/15/2016 3:41:32 AM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, L=Limassol, S=Cyprus, C=CY

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
045BA815265145

File PE Metadata
Compilation timestamp:
12/26/2013 10:03:42 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:JduDCloyI5uf6wG16nO4CXGm6Jsd7ir2/z0uxIBqesCJEcjpwsJHuLVz4+zyFHPt:CDRBR6nQ02b5GJnp4L/mHs3xm

Entry address:
0x25DF1

Entry point:
E8, 5C, 89, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B...
 
[+]

Code size:
223.5 KB (228,864 bytes)

The file 01 imperadores 1991.exe has been seen being distributed by the following URL.

Remove 01 imperadores 1991.exe - Powered by Reason Core Security