» maggi.exe
Overview
Analysis
File Details
Downloads (11)

maggi.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

maggi.exe

MD5:

636e7dfa336ee4052ceb9e4f802e59ac

SHA-1:

63ca142ae4084eb1ba268058c3c266fa5801f1df

SHA-256:

d1eb79789f5c409ff58319abe7e4daab13c9c3b1ac39cca3c8b866bee81cced3

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/5/2024 11:35:04 AM UTC (today)

File size:

4.1 MB (4,256,352 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\maggi.exe

File PE Metadata

OS version:

270.17968

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

3.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

98304:Vbcmf29Kophn/mkiGKxu4LqxCIzktRHXubmhhVBOgQt9:B+N/8u4Lq0+cpXQcn2

Entry address:

0xA4009C

Entry point:

4D, 5A, 01, 01, 01, 00, 01, 00, 05, 00, 00, 00, FF, FF, 00, 00, 14, 00, 00, 00, 00, 00, 0A, 00, 40, 00, 00, 00, 01, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 10, 01, 00, 00, 04, 00, 0A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 54, 68, 69, 73, 20, 69, 73, 20, 61, 20, 57, 69, 6E, 64, 6F, 77... 
[+]

Code size:

256 KB (262,147 bytes)

The file maggi.exe has been seen being distributed by the following 11 URLs.

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_es&type=PROGRAM&Expires=1478174764&Signature=B4iTm0fw1An8uB5XgrmZsm2lY3Z~y8PeZC91XFkz3zD74DYZR~EGUmgZGlGXl~8G1WFEEi88UuoOiT7Z6-RgBgHYpbFZ8Xgn0ZTMZzwBDxjW9MTY4K7pvGtEXqnn~jJJwjUKR-AhVAL7zpy9FyJBbFHtW0uNsppN8VYItUcl0QE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=maggi.exe

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_es&type=PROGRAM&Expires=1449229241&Signature=Gkl~-j1YsfMwIvX6gsnaaItocMHS3Qu8zvjh3enitgEmDzbS-J-kQVCiXQ3s3UUkxkSOWvYlAIdvjwQfVe-nsemHVATAZ0ERXU9lHihNg28z7Ak5Kon0oPd3JK~BTc5od6vZEVkFg2Py4OJseB-qPSGs19I0izpRJ77o5WY7RyA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=maggi.exe

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_es&type=PROGRAM&Expires=1445047158&Signature=IpWcKrhBjgqbsE~Ud7MjFPLcou-RzDpUvB13REuLuHnDAS1ItUkG93CxpzWWkLUI61Nq67VKMiDHh91Y4B7AnFODpn~DDDWOvQTyCJl9gqKhQAYwRjkfc15NjvE9g6R-xbJdy27LKccYpvqrw0tGr2qw2POxmGOre9VrsAQZlbU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=maggi.exe

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_es&type=PROGRAM&Expires=1434906257&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=ZvVg8OIQBn4m8l-kmxlPxajmU2Ymbb6FEGPM5mNFHfJ1D9Ei3uiRr4vQTKXsHoe6obIQ2gn5L48DzclGYmKCMbEdUNel100PBXPO~R4xHY5645DO0Z59ezjA3I5iijaNdXti6BBlUjRclq8LAAcjJN0RhjhEXW8tfT33B8EOOJc_&filename=maggi.exe

http://ec.ccm2.net/es.ccm.net/download/.../Maggi 7.1.exe

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_en&type=PROGRAM&Expires=1466655764&Signature=WZQcQoDggyb7Z1sqdMFQhZU0yupe3b4J1oL~S-v3owgeK1pnjPGZvPq693vmYXe1B2IYdy~W-JBqFp-jR5kt2iyXiE80csPHlXsJaufhfxS59QzYt1Inug8jDxrlPR~0ZclE5hgQDp1p0qs3N9zQ7GgeqKoOShwviutcXp3q7I0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=maggi.exe

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_es&type=PROGRAM&Expires=1460931004&Signature=M-NFuVyLo~WPchhHgXK0MJP11~2Su7rJmb1nm1tbORA4Hh5KqRvnxKLbkSx4LxQSk~ycpYB09ECnLgEF7gNd-Tzp~UNYxHb-ESiM56Mhy4yHinQTjgG~f1OHTFmSk42KeL-rgKhaV0dj2i5EdS3yoeuwdkAfRdfBG9jhXuhK73U_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=maggi.exe

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_es&type=PROGRAM&Expires=1423717375&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=EcO0TuYzr8YdPOww8axDf2ajo29bh0fOqkdJLJk7WYfTEUto5EBj9FANqb6ZcRv4DGA3wx5vwNRPjHk7bgF9iSV0fqqdqVopi68CU-7peIECQS-D2TeIhO20HlyWMZpDGLvHF8PSUCpBMaU-ReiCEsheMDU9sFgftxrN0Xsq2qY_&filename=maggi.exe

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_en&type=PROGRAM&Expires=1456136612&Signature=RP5K-GVxkN6~nFHNR0KA9UPG1C5zkqbvq2maz-6kfLILvGLsxaDEWfGeenWjf8BO0PNgBNvDt69rRziPQrak0AWLRELVEewnx2LFa0R~td8XqAzU55cPxycgu~F4J8Nd9qZN044oeyZKjJwjwQ6QI4J-hqm~BhRBPAJb5YNEUI4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=maggi.exe

http://d3v8i1xnxxf2gf.cloudfront.net/maggi-7.1-multi.exe

http://gsf-cf.softonic.com/63c/a14/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9894&instance=softonic_en&type=PROGRAM&Expires=1423621903&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=BkXVs5FybpmTGbLyIWXCVA8-Qm6DEMys5ykUtQe3KsXEn-T08rPcHw8Kl0XHl48V6ghMtyf8id25WdB5H4qNwE~J9jv4wWrmSvI5971-GeCRHbhquOpy5jdSMHX8zxPiF8dsF4oCYGBh-07ZO4UfyjNsIYDTuvntHuad7QhJ8w0_&filename=maggi.exe

Scan maggi.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.