كتاب الرياضيات والتمارين المطور ثاني متوسط ف2.exe

premium

New IT Limited

This file is part of a bundled installer that provides applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application كتاب الرياضيات والتمارين المطور ثاني متوسط ف2.exe by New IT Limited has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The file has been seen being downloaded from ds312.maxiget.com.
Publisher:
C  (signed by New IT Limited)

Product:
premium

Description:
DWD

Version:
3, 2, 1, 0

MD5:
4970a5c7dc0cd72d6bac609b96c74db6

SHA-1:
b29924261ed25a27903cb8c60ea9b8dec23615c0

SHA-256:
2b782ff6920cd948b41b48ee8f84dba2dea3bc256e8cce64049e555d1c515c91

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/27/2024 4:50:48 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.New IT Limited (M)

Engine version:
16.7.28.3

File size:
521.4 KB (533,888 bytes)

Product version:
3, 2, 1, 0

Copyright:
2014

Trademarks:
-

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\كتاب الرياضيات والتمارين المطور ثاني متوسط ف2.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
12/30/2013 11:33:53 AM

Valid to:
12/30/2016 11:33:53 AM

Subject:
CN=New IT Limited, O=New IT Limited, L=Nicosia, S=Nicosia, C=CY

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
04225A281DFF69

File PE Metadata
Compilation timestamp:
2/17/2014 5:46:09 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:jokxzBSZNMwv09Xgjaa/j/JoFNHtiaB3vnJKwywdN:0kxzBSZNME09X0aMdoFNHt9BfnyQN

Entry address:
0x46132

Entry point:
E8, 11, BF, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C...
Entropy:
6.4414

Code size:
376 KB (385,024 bytes)

The file كتاب الرياضيات والتمارين المطور ثاني متوسط ف2.exe has been seen being distributed by the following URL.