» 4shared_desktop_4.0.13.26744.exe
Overview
Analysis
File Details
Downloads (123)

4shared_desktop_4.0.13.26744.exe

4shared Desktop

4sync Inc.

The application 4shared_desktop_4.0.13.26744.exe by 4sync has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from www.lo4d.com and multiple other hosts.

File name:

Publisher:

New IT Solutions (signed by 4sync Inc.)

Product:

4shared Desktop

Version:

4.0.13.26744

MD5:

5df498c7fb50182b04afff6c109c51a2

SHA-1:

703a9502ab0cb58fcd67d747202023d12448c501

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/5/2024 4:39:58 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Optional.NewITSolutions.Meta (L)

15.6.19.9

File size:

11.1 MB (11,648,984 bytes)

Product version:

4.0.13.26744

New IT Solutions

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\documents and settings\administrateur\mes documents\downloads\4shared_desktop_4.0.13.26744.exe

Digital Signature

Signed by:

4sync Inc.

Authority:

GoDaddy.com, Inc.

Valid from:

10/21/2013 11:56:47 PM

Valid to:

10/21/2016 11:56:47 PM

Subject:

CN=4sync Inc., O=4sync Inc., L=San Francisco, S=California, C=US

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

4B26471C28D70E

File PE Metadata

Compilation timestamp:

9/12/2014 9:27:55 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:4rJW0+5E36fc1osF/UNnW6CC2J089/8/1ZiJArwKYE/I:YwXGKaoQ8NCEG8dZiwwKdg

Entry address:

0x413490

Entry point:

55, 8B, EC, 83, C4, E4, 53, 56, 33, C0, 89, 45, E4, 89, 45, E8, 89, 45, EC, B8, 48, 35, 80, 00, E8, FB, BC, BF, FF, 8B, 1D, 1C, 41, 82, 00, BE, B4, 35, 82, 00, 33, C0, 55, 68, C2, 37, 81, 00, 64, FF, 30, 64, 89, 20, 68, 07, 80, 00, 00, E8, 38, 00, FF, FF, 8B, 03, E8, 65, 7E, DF, FF, B2, 01, A1, 2C, 34, 80, 00, E8, 05, 4D, BF, FF, 8B, 13, 89, 82, 04, 01, 00, 00, C7, 82, 00, 01, 00, 00, 10, 35, 80, 00, 68, D0, 37, 81, 00, A1, 50, 7C, 82, 00, 50, E8, E3, 06, C0, FF, 85, C0, 74, 18, 8B, 03, 8B, 80, AC, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

4.1 MB (4,270,080 bytes)

The file 4shared_desktop_4.0.13.26744.exe has been seen being distributed by the following 50 URLs.

http://www.lo4d.com/get-file/4shared-desktop/.../

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKSMpqChl5Y=

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKGJnqCnmZ0=

http://securefilecloud.net/.../4shared-2014.exe

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqeLp6Cjmps=

http://global-shared-files-l3.softonic.com/703/a95/.../file?nvb=20150116032030&nva=20150116152130&token=05e86635b0fb59fdbe32d&SD_used=0&channel=WEB&fdh=no&id_file=303618&instance=softonic_en&type=PROGRAM&filename=4shared_Desktop_4.0.13.26744.exe

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqaQo6SgkZY=

http://4shared.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKGKn6KomJY=

http://download.informer.com/.../4shared_desktop_4.0.13.26744.exe

http://www.download3k.es/DownloadLink1-4shared-Desktop.html

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fl6SLp52glZw=

http://download.informer.com/.../4shared_desktop_4.0.13.26744.exe

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqSOnpygmJY=

http://download.informer.com/.../4shared_desktop_4.0.13.26744.exe

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKOKp6Wgmpw=

http://www.lo4d.com/get-file/4shared-desktop/.../

http://4shared.ar.softonic.com/start-download/.../c65b9f7a652de4d34a407bf342a52d88

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fl6iOoqChlps=

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKCQpqOkkpQ=

https://cdnfiles.4shared.com/web/cdn/popular/download/78JuPdgVba?contDisp=attachment; filename="4shared_Desktop_4.0.13.26744.exe"; filename*=utf-8''4shared_Desktop_4.0.13.26744.exe&contType=APPLICATION/.../

http://4shared.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKWJo56nk5g=

http://www.lo4d.com/get-file/4shared-desktop/.../

http://4shared.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKSLpaGokpo=

http://cdnfiles.4shared.com/web/cdn/popular/download/78JuPdgVba?contDisp=attachment; filename="4shared_Desktop_4.0.13.26744.exe"; filename*=utf-8''4shared_Desktop_4.0.13.26744.exe&contType=APPLICATION/.../

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqeLn6OhlZk=

http://4shared.ro.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKOPopykkZk=

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fl6aOo5ygkpc=

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmKOOoJyhl5o=

http://4shared.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqOJop-klZY=

Latest 30 of 123 download URLs

Remove 4shared_desktop_4.0.13.26744.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.