الحلويات العصرية.exe

CHummer

Maxiget Software

This is a bundle installer that packages applications with offers for additional third-party software, mostly unwanted adware, which may be installed with minimal consent. The application الحلويات العصرية.exe, “Description is empty” by Maxiget Software, has been detected as adware by 24 anti-malware scanners. The program is a setup application that uses the New IT Desktop Setup installer. It is also typically executed from the user's temporary directory.
Publisher:
Elit -e - Company  (signed by Maxiget Software)

Product:
CHummer

Description:
Description is empty

Version:
3, 5, 13, 0

MD5:
cc86b3e0354984d5ab4e7424d376d9b9

SHA-1:
62bdea5247c1f5cb545c3e4ac02a62098732dc25

SHA-256:
b3b5a94342610e5bb3b3f902bc184fce1e861897536de0c7cd06f99046557cb5

Scanner detections:
24 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/23/2024 5:19:29 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Graftor.164151 | 5829319 |
| Agnitum Outpost | PUA.4Shared | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Bundler | 2014.11.24 |
| Avira AntiVirus | APPL/Downloader.Gen4 | 7.11.188.80 |
| AVG | Generic | 2015.0.3282 |
| Bitdefender | Gen:Variant.Graftor.164151 | 1.0.20.1635 |
| Clam AntiVirus | Win.Trojan.Agent-785988 | 0.98/21511 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.164151 | 9.0.0.4570 |
| ESET NOD32 | Win32/4Shared.Y potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/A-1ed09b26 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Graftor.164151 | 11.2014-23-11_1 |
| G Data | Gen:Variant.Graftor.164151 | 14.11.24 |
| IKARUS anti.virus | Trojan.Win32.Badur | t3scan.1.8.3.0 |
| Malwarebytes | PUP.Optional.Elite | v2014.11.23.09 |
| McAfee | PUP-FNX | 5600.6938 |
| MicroWorld eScan | Gen:Variant.Graftor.164151 | 15.0.0.981 |
| NANO AntiVirus | Trojan.Win32.4Shared.dfhejw | 0.28.6.63474 |
| Panda Antivirus | Trj/Genetic.gen | 14.11.23.09 |
| Reason Heuristics | PUP.MaxigetSoftware.R | 14.11.23.9 |
| Sophos | 4Share Downloader | 4.98 |
| SUPERAntiSpyware | PUP.4Shared/Variant | 10220 |
| Vba32 AntiVirus | Trojan.Badur | 3.12.26.3 |
| VIPRE Antivirus | Threat.4150696 | 35010 |
| Zillya! Antivirus | Backdoor.PePatch.Win32.44192 | 2.0.0.1991 |

File size:
571.1 KB (584,784 bytes)

Product version:
3, 5, 13, 0

Copyright:
2014

Trademarks:
No

Original file name:
DHelper

File type:
Executable application (Win32 EXE)

Bundler/Installer:
New IT Desktop Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\الحلويات العصرية.exe

Digital Signature
Authority:
Maxiget CA

Valid from:
6/18/2014 11:55:18 AM

Valid to:
2/18/2016 10:55:17 AM

Subject:
CN=Maxiget Software

Issuer:
CN=Maxiget CA

Serial number:
17A0EA9F

File PE Metadata
Compilation timestamp:
9/5/2014 5:52:27 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:AJBDn7/o5rrBb4pLmadg5rixchdwr3DFBuPKecyysW:AnnDmCmaQGxc7u3DwKecydW

Entry address:
0x425D8

Entry point:
E8, 3A, BF, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 14, A1, 00, DE, 46, 00, 33, C5, 89, 45, FC, 53, 56, 33, DB, 57, 8B, F1, 39, 1D, BC, 0E, 47, 00, 75, 38, 53, 53, 33, FF, 47, 57, 68, D4, 1C, 46, 00, 68, 00, 01, 00, 00, 53, FF, 15, 94, C1, 45, 00, 85, C0, 74, 08, 89, 3D, BC, 0E, 47, 00, EB, 15, FF, 15, DC, C0, 45, 00, 83, F8, 78, 75, 0A, C7, 05, BC, 0E, 47, 00, 02, 00, 00, 00, 39, 5D, 14, 7E, 22, 8B, 4D, 14, 8B, 45, 10, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, 45, 14, 2B, C1...
 

Code size:
361.5 KB (370,176 bytes)
