home

shareit for pc.exe

The application shareit for pc.exe has been detected as a potentially unwanted program by 9 anti-malware scanners. This is a setup program which is used to install the application. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. The file has been seen being downloaded from dc689.4shared.com and multiple other hosts.
MD5:
a4507fffb651f21b4e511700b3d7edb2

SHA-1:
5fe6e056e34d3c8081b0cc14ad6ac165ecb94c01

SHA-256:
6959c66f4e4152ddd5514dcdd49e0652112927394755b7536afda3afd15f7520

Scanner detections:
9 / 68

Status:
Potentially unwanted

Explanation:
Uses the Solimba installer to bundle adware offers.

Analysis date:
11/5/2024 8:06:23 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Barys.10673
5813571

Dr.Web
infected with Trojan.Solimba.12
9.0.1.05190

Emsisoft Anti-Malware
Application.Bundler.Morstar
10.0.0.5366

ESET NOD32
multiple threats
7.0.302.0

Kaspersky
not-a-virus:AdWare.MSIL.Solimba
15.0.0.562

McAfee
Trojan.Artemis!A4507FFFB651
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.213.2822.0

Norman
Application.Bundler.Morstar.J
11.01.2016 17:30:26

VIPRE Antivirus
Threat.4758821
46444

File size:
1 MB (1,054,939 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\shareit for pc.exe

File PE Metadata
Compilation timestamp:
6/9/2012 8:19:49 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:02O/GlEOPUGrYxVyOn/9PYjuphC1/1GiEMTfUDP:UO8GUxIEnC1/YMT8P

Entry address:
0xAC87

Entry point:
E8, E3, FE, FF, FF, 33, C0, 50, 50, 50, 50, E8, 9F, 30, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, 8F, AB, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 24, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 24, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, 0E, B1, FF, FF, C3, 56, 8B, F1, 8B, 06, 85, C0, 74, 07, 50, FF, 15, C4, 40, 41, 00, 83, 26, 00, 83, 66, 08, 00, 83, 66, 0C, 00, 5E, C3, 56, 8B, F1, 80, 7E, 04, 00, 75, 34, 68, F4, 44, 41, 00...
 
[+]

Code size:
73 KB (74,752 bytes)

The file shareit for pc.exe has been seen being distributed by the following 2 URLs.

http://dc689.4shared.com/download/.../SHAREit_for_PC.exe

http://dc609.4shared.com/download/.../SHAREit_for_PC.exe

Remove shareit for pc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.