» maxtorrent.exe
Overview
Analysis
File Details
Downloads (1)

maxtorrent.exe

The application maxtorrent.exe has been detected as a potentially unwanted program by 17 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from freesite-go.com.

File name:

maxtorrent.exe

Version:

1.0.0.0

MD5:

ccd11405e65dcb379f7dd8938bbe7277

SHA-1:

481638916b9ce3fba7bc1d5efa40257567a0a0d8

SHA-256:

2ba9a9225457198fc6697af6c93676645c4d75983dce5cfde0224f2d8a5e05da

Scanner detections:

17 / 68

Status:

Potentially unwanted

Analysis date:

11/5/2024 6:29:58 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.Agent

7.1.1

AhnLab V3 Security

PUP/Win32.InstallMonster

2014.09.23

Avira AntiVirus

APPL/InstallMon.enib

7.11.189.40

avast!

Win32:InstallMonstr-GC [PUP]

2014.9-141202

AVG

Generic

2015.0.3272

Dr.Web

Trojan.InstallMonster.979

9.0.1.0265

ESET NOD32

Win32/InstallMonstr.FS (variant)

8.10448

F-Prot

W32/A-1572098d

v6.4.7.1.166

K7 AntiVirus

Unwanted-Program

13.186.14161

Kaspersky

not-a-virus:AdWare.Win32.InstallMonster

14.0.0.2857

NANO AntiVirus

Riskware.Win32.InstallMonster.dhyvgp

0.28.6.63726

Norman

InstallMonstr.V

11.20141202

Reason Heuristics

Threat.Win.Reputation.IMP

14.12.2.12

Sophos

Install Monster

4.98

Vba32 AntiVirus

TScope.Trojan.Delf

3.12.26.3

VIPRE Antivirus

Threat.4150696

35088

Zillya! Antivirus

Adware.InstallMonster.Win32.40

2.0.0.1994

File size:

3.9 MB (4,052,707 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\maxtorrent.exe

File PE Metadata

Compilation timestamp:

6/20/1992 2:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:Yy5YOO9IT99BxyjeWYwcTZCUfVKwq85D6K:D5YOPD5WYVwx8YK

Entry address:

0x8115F0

Entry point:

60, BE, 00, E0, 8F, 00, 8D, BE, 00, 30, B0, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89... 
[+]

Packer / compiler:

UPX 2.90LZMA

Code size:

3.1 MB (3,227,648 bytes)

The file maxtorrent.exe has been seen being distributed by the following URL.

http://freesite-go.com/eyJzaWQiOiI0OTcxIiwidmVyIjoiMSIsInVybCI6Imh0dHA6XC9cL21heHRvcnJlbnQucHJvXC9NYXhUb3JyZW50LmV4ZSIsIm5hbWUiOiJNYXhUb3JyZW50IiwidHlwZSI6ImRpc2siLCJzaXplIjoiMzU2NTE1OCIsInN1Yl9pZDIiOiI0MjcwMDkzMiJ9

Remove maxtorrent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.