» slideshow_maker_45mb_d_en.exe
Overview
Analysis
File Details
Programs (1)
Downloads (8)

slideshow_maker_45mb_d_en.exe

Magix AG

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from www.towerbitscenter.com and multiple other hosts.

File name:

Publisher:

Magix AG (signed and verified)

Description:

MAGIX Slideshow Maker (D)

Version:

1.0.1.3

MD5:

af51eb892ae35d3f63287ffa73b2a0d1

SHA-1:

08c7bb3fb0cfd0931e2cf9d37f668ef065a13018

SHA-256:

33dae28df50294c666024275fd21cb0e8e59adf051f92fb0b6983efb7d0f3be0

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

2/25/2025 6:13:08 AM UTC (today)

Scan engine

Detection

Engine version

NANO AntiVirus

Trojan.Script.Qhost.chhpdx

0.28.0.58101

File size:

47.6 MB (49,932,336 bytes)

Product version:

1032, 4455, 0, 0

MAGIX AG

File type:

Executable application (Win32 EXE)

Installer:

Wise Installer

Language:

English (United States)

Digital Signature

Signed by:

Magix AG

Authority:

VeriSign, Inc.

Valid from:

10/31/2008 1:00:00 AM

Valid to:

11/20/2009 12:59:59 AM

Subject:

CN=Magix AG, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Magix AG, S=Berlin, C=DE

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

458B78280E085808767A1FCB92D6D8

File PE Metadata

Compilation timestamp:

10/25/2001 9:47:11 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:Q4/LrZjDj8j+asrKscRF8J2yUnBVWWNlRVooGIXBufHCAOEHofOqMkraOj+SaOjU:QYfZjDj8j6eJ7BCyNXuHCAOEIba2+Sa1

Entry address:

0x21AF

Entry point:

55, 8B, EC, 81, EC, 2C, 05, 00, 00, 53, 56, 57, 6A, 01, 5E, 6A, 04, 89, 75, E8, FF, 15, 54, 40, 40, 00, FF, 15, 50, 40, 40, 00, 8B, F8, 89, 7D, F4, 8A, 07, 3C, 22, 0F, 85, CC, 00, 00, 00, 8A, 47, 01, 47, 89, 7D, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 47, 01, 47, 89, 7D, F4, EB, EF, 80, 3F, 22, 75, 04, 47, 89, 7D, F4, 80, 3F, 20, 75, 09, 47, 80, 3F, 20, 74, FA, 89, 7D, F4, 53, FF, 15, 6C, 40, 40, 00, 80, 3F, 2F, 89, 45, F8, 75, 64, 8A, 47, 01, 3C, 53, 74, 04, 3C, 73, 75, 06, 89, 35, 58, 53, 40, 00... 
[+]

Packer / compiler:

Wise Installer Stub

Code size:

8.5 KB (8,704 bytes)

The file slideshow_maker_45mb_d_en.exe has been discovered within the following program.

360Amigo System Speedup PRO by 360Amigo

360Amigo System Speedup is a tool of Windows that works quickly in identifying the problem and fix it if there are some mistakes that result in slow system performance.

www.360amigo.com

56% remove it

The file slideshow_maker_45mb_d_en.exe has been seen being distributed by the following 8 URLs.

http://www.towerbitscenter.com/zUxS_8Lgybc_z_mAKRgC4EzeNv6MoAinCPMRqRhnBnNNh6CrZt2oWjo4Zw2D0L7qjHlIZ18xdytJeuFjUcrIfS9kgEt7QMV7P4cQnycte Bu9EXPvjIeWRc4aSJ6XTLt11RJQOOz_f36CqbA pBtXpTaaj2UE1wkzCYQUEzZWgf64bNfxMOfijSvfZASbiRJkyjbYxaZ9KV6ZZqt3I1sMIcUJCMCkuZJITHuJVbe I9pp8wZHNQ=-G0QAAEQ3F5NatOWhOLD84ck7xgH7t7wvMBDuMXYmoni0xgif942uUNLVPnOsXbHMADSU34PHKTR4lUs=

http://www.ranchsendgift.com/U22Kp3GG5jDF_ltK1_infF79jAAwOBtBJbZEBhbISR4N42UhSpyVSlQc8dA9VrtLaoYTvD eAOwwrPK7c3VPvJRm26xPpAdD_Yp6DY5SXTaCAsnA521BHPeDqEeMOTxCf2PeVITCOpgB0oHt 2s91ARhgTJ92DrGBHCl_KlqLm 42EvCY8HMAD8s5TZpbRamtmrmU0p3iT3oXi SYI1FZNg8hIfRhw==-G0QAAEQ3F5NatOWhOLD84ck7xgH7t7wvMBDuMXYmoni0xgif942uUNLVPnOsXbHMADSU34PHKTR4lUs=

http://www.packagehostdownload.com/JtNvBppFKu_OSISGioQNwBk5lzOIdNvZF5rkYYa6I6eEi2rmwBL4gtx8jEraeJluIDwwcce4dRrfF4cgPDqcrccsQ2 HrHkF29kTs 13aG1qbXJ7rwTlCAJXXsqRPGs1ZC1q5iqslOtzkLe1xAHBFJtb3dc3jZY_ISrleKtqT89HaIj41t0PPKqp0A0C_qDyi Qnm1Ttd_qLizH2eWeQg4qgPAHa9g==-G0QAAEQ3F5NatOWhOLD84ck7xgH7t7wvMBDuMXYmoni0xgif942uUNLVPnOsXbHMADSU34PHKTR4lUs=

http://www.towerbitscenter.com/ASt9mukeBWAMwxm0_nP03nhgVQf53z4OgB2IIrxfuOpXy0h4B8tQMi2uduC2tE6zb Ne2Wwk5otc_CaAb0ucdDgTRcgeUzi9qMHSWacn3hnwZKUPj1DaWwaf0KaRgRPwqpEia2ssRvPq2Wrdj5 48GLngaEkh9vjK5wj3jvEzYHxi fvWNwqx0DYk8oz4XLhqj06xBHyOhgeauP8M7A2Y pGzdpIIQ==-G0QAAEQ3F5NatOWhOLD84ck7xgH7t7wvMBDuMXYmoni0xgif942uUNLVPnOsXbHMADSU34PHKTR4lUs=

http://www.ranchsendgift.com/V5WK7z69hwbVrpbuSe_MVuUbw6iDfmVyUzpNMfiEXLdT28fDYTuu7UVK8OajOT2J X5hr4BEo9WczSSGphfntz61E6ZB3wet_C1t4fEiflu07rQHbk_mENmzr0OfQTRv6RzlmyHU3 QrmGfV 79amb4ANftaiJb ukmDFXYvud6gKImr9IaZjdmJxSFtAasa1F0z8wIy5jZKuWQdg zLwe3wP8Ftjw==-G0QAAEQ3F5NatOWhOLD84ck7xgH7t7wvMBDuMXYmoni0xgif942uUNLVPnOsXbHMADSU34PHKTR4lUs=

http://www.ranchsendgift.com/3ibrC76CIMYuu_lXArNZZxnS2xKVEXe uNJlUcS5uAUBqSv63sEd9r9ZXt7B8xoa7FS1jxw8h7tLC1_nxqKXCuQtJtMaO7eXvADEnle9xR_LqOjzl0mUQ2Ra4H25CdZL INbjgJBYJ84rMdn0PCIEnZdMzOmYHtGxIxov5CBGahf6kNzZuTKCnuHYiVhgQLSYXeddtCQev1NGbSbpVAwf7VTuzfGrg==-G0QAAEQ3F5NatOWhOLD84ck7xgH7t7wvMBDuMXYmoni0xgif942uUNLVPnOsXbHMADSU34PHKTR4lUs=

http://ultradownloads.com.br/.../2,908579.html

http://www.magix-download.com/yeah/.../slideshow_maker_45mb_d_en.exe

Scan slideshow_maker_45mb_d_en.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.