home

4shared_desktop_4.0.3.1.exe

4shared Desktop Setup

New IT Solutions

The application 4shared_desktop_4.0.3.1.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from dc479.4shared.com.
Publisher:
New IT Solutions

Product:
4shared Desktop Setup

Version:
4.0.3.1

MD5:
482587033e52a1dff53a4144f23843ea

SHA-1:
fae32187585d02804b51b7d58c973130fd7d24ae

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/27/2024 3:28:35 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.NewITSolutions.Installer.Meta (L)
15.6.19.9

File size:
5.6 MB (5,852,768 bytes)

Copyright:
New IT Solutions

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\4shared_desktop_4.0.3.1.exe

File PE Metadata
Compilation timestamp:
4/10/2010 3:19:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:fzO7Z+ByxlOyexgcs6ArgkStxQM7osPuI+sPtumURA8oGNoD8MyeDFtGi5PHgS4A:fy78By/OyexgT1l+P7jPz+dtHoKc/GMH

Entry address:
0x354B

Entry point:
8A, E0, 88, E4, 3B, F7, 78, 04, 01, D8, 18, FD, 86, D1, 2C, 54, FF, C8, 2D, 9F, AA, E3, 01, 15, 9F, 7F, 68, 4B, 0F, B6, F4, 81, F7, A7, F3, 00, 00, 2A, E3, 86, E7, 0F, B6, FC, 84, C5, 6A, 00, 5F, 8D, 15, 6D, AB, 5E, 50, 0F, AF, C1, 87, C9, 88, E1, 8D, 15, 96, B1, BE, C8, 32, F0, 0F, AF, EF, 81, C7, 7E, F0, FF, FF, 85, FE, 76, 04, 45, 85, D5, 4B, 81, C7, 83, 0F, 00, 00, 0F, B7, DB, 87, CB, 84, EE, 8B, D8, B3, 09, 85, C9, 81, FF, CB, 00, 00, 00, 0F, 8C, BB, FF, FF, FF, FF, C6, 0F, BF, F5, 4A, C7, C2, AD, 89...
 
[+]

Entropy:
7.9934  (probably packed)

Code size:
25 KB (25,600 bytes)

The file 4shared_desktop_4.0.3.1.exe has been seen being distributed by the following URL.

http://dc479.4shared.com/.../-UtQpTHA

Remove 4shared_desktop_4.0.3.1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.