civilcad viderotutorial 08_plataformas.exe

Download Helper

IT MANAGEMENT GROUP LTD

This is a bundle installer that packages applications with offers for additional third-party software, mostly unwanted adware, which may be installed with minimal consent. The application civilcad viderotutorial 08_plataformas.exe by IT MANAGEMENT GROUP has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the New IT Desktop Setup installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from dc105.4shared.com.
Publisher:
IT MANAGEMENT GROUP LTD  (signed and verified)

Product:
Download Helper

Version:
1, 1, 0, 0

MD5:
ec247f54ca4730762c3758c7187c78c3

SHA-1:
5568383ed6c289942ce77fe3d02a1d9f11e07504

SHA-256:
872799a27d379673fd868217b037d41ac846876195c981e360e3f698c927dcd5

Scanner detections:
19 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/25/2024 12:31:43 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AegisLab AV Signature | Troj.W32.Gen | 2.1.4+ |
| Agnitum Outpost | PUA.4Shared | 7.1.1 |
| avast! | Downloader-TQP [PUP] | 141214-1 |
| AVG | Potentially harmful program Skodna.Downloader.K | 2014.0.4235 |
| Comodo Security | Application.Win32.NewIT.B | 20394 |
| Dr.Web | Adware.Toolbar.111 | 9.0.1.05190 |
| ESET NOD32 | Win32/4Shared.D potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/4Shared | 12/17/2014 |
| F-Prot | W32/A-98e3043d | v6.4.7.1.166 |
| IKARUS anti.virus | possible-Threat.Skodna | t3scan.1.8.5.0 |
| K7 AntiVirus | Unwanted-Program | 13.188.14354 |
| McAfee | Program.PUP-FIV | 16.8.708.2 |
| NANO AntiVirus | Riskware.Win32.Toolbar.dbxkdu | 0.28.6.64267 |
| Qihoo 360 Security | Malware.QVM06.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.ITMANAGEMENTGROUP.g | 14.12.17.2 |
| Rising Antivirus | PE:PUF.4Shared!1.9C25 | 23.00.65.141215 |
| Sophos | PUA '4Share Downloader' | 5.09 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Downloader | 10173 |
| VIPRE Antivirus | Threat.4758582 | 35418 |

File size:
934.9 KB (957,304 bytes)

Product version:
1, 1, 0, 0

Copyright:
Copyright (C) 2013

File type:
Executable application (Win32 EXE)

Bundler/Installer:
New IT Desktop Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\civilcad viderotutorial 08_plataformas.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
3/15/2013 12:57:25 PM

Valid to:
3/14/2016 3:41:32 PM

Subject:
CN=IT MANAGEMENT GROUP LTD, O=IT MANAGEMENT GROUP LTD, L=Limassol, S=N/A, C=CY

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
082965B7976A8F

File PE Metadata
Compilation timestamp:
3/19/2013 8:25:14 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:P/3zXso48sMBiRRXCCxkt22ODRhGeVnAvr51j+vKa8iF:P/jXsG8VJkt90SeVnATj+vK6F

Entry address:
0x951D

Entry point:
E8, 9C, 43, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3...
 
Entropy:
7.8562  (probably packed)

Code size:
87 KB (89,088 bytes)

The file civilcad viderotutorial 08_plataformas.exe has been seen being distributed by the following URL.
