gtasanandreas.exe

SuperCharging

Maxiget Limited

This file is part of a bundled installer that delivers applications together with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application gtasanandreas.exe by Maxiget Limited has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The file has been seen being downloaded from ds133.maxiget.com.
Publisher:
SPC LLC (signed by Maxiget Limited)

Product:
SuperCharging

Description:
DWD

Version:
3, 3, 22, 0

MD5:
f5f14750c742ff3fdbfbbf4c10a70b3d

SHA-1:
b7c47a6c8688c56fdde8417c65ca47d0cd322a27

SHA-256:
2343fc3f3735a22580b23d48897b9e4ed04cb94faea9795b028e5de4f4d64284

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Analysis date:
11/30/2024 8:45:42 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.New IT Limited (M)

Engine version:
16.8.7.2

File size:
434.3 KB (444,752 bytes)

Product version:
3, 3, 22, 0

Copyright:
2013

Trademarks:
-

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\gtasanandreas.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/12/2013 3:00:00 AM

Valid to:
11/13/2014 2:59:59 AM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, STREET="Arch. Makariou III, 135", STREET="Emelle Building, 4th floor", L=Limassol, S=Limassol, PostalCode=3021, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FBB004FE732F9C48D07FE66424856186

File PE Metadata
Compilation timestamp:
5/15/2014 3:12:41 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:/hv9K8SSeot00WQGwthtoWExghexAJwV8J0n9xc5Vz2KEbIA4M0b1H:pv9KSXWxitnExghexLG4ELz2KFA4/1H

Entry address:
0x2A0AC

Entry point:
E8, FB, A3, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 14, A1, 58, CD, 44, 00, 33, C5, 89, 45, FC, 53, 56, 33, DB, 57, 8B, F1, 39, 1D, A4, E5, 44, 00, 75, 38, 53, 53, 33, FF, 47, 57, 68, 5C, 1D, 44, 00, 68, 00, 01, 00, 00, 53, FF, 15, 58, F1, 43, 00, 85, C0, 74, 08, 89, 3D, A4, E5, 44, 00, EB, 15, FF, 15, C4, F0, 43, 00, 83, F8, 78, 75, 0A, C7, 05, A4, E5, 44, 00, 02, 00, 00, 00, 39, 5D, 14, 7E, 22, 8B, 4D, 14, 8B, 45, 10, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, 45, 14, 2B, C1...
 

Entropy:
6.9078

Code size:
248 KB (253,952 bytes)

The file gtasanandreas.exe has been seen being distributed by the following URL.
