codigo.exe

CHummer

Maxiget Limited

This is a bundle installer that packages applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application codigo.exe, “Description is empty” by Maxiget Limited, has been detected as adware by 21 anti-malware scanners. The program is a setup application that uses the New IT Desktop Setup installer. It installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Elit -e - Company  (signed by Maxiget Limited)

Product:
CHummer

Description:
Description is empty

Version:
3, 5, 13, 0

MD5:
a89f9c4572fa43dbfb9ce8736a4d8c44

SHA-1:
a109dbbecc3e1567d59c51a12cf696de2376dacd

SHA-256:
c5995291f07dabd07b877fc25886b6cd226f6dfaeae9c020544b2f8e0fa30a05

Scanner detections:
21 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/25/2024 3:01:02 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Application.Bundler.Jaiks.244 | 835 |
| Agnitum Outpost | PUA.4Shared | 7.1.1 |
| Avira AntiVirus | APPL/Bundler.Jaiks.244.2 | 7.11.180.154 |
| AVG | Maxiget Limited | 2015.0.3313 |
| Bitdefender | Gen:Variant.Application.Bundler.Jaiks.244 | 1.0.20.1475 |
| Clam AntiVirus | Win.Trojan.Agent-785988 | 0.98/21411 |
| ESET NOD32 | Win32/4Shared (variant) | 8.10604 |
| F-Prot | W32/A-1ed09b26 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Application.Bundler | 11.2014-22-10_4 |
| G Data | Gen:Variant.Application.Bundler.Jaiks.244 | 14.10.24 |
| IKARUS anti.virus | Trojan.Win32.Badur | t3scan.1.7.8.0 |
| Kaspersky | Trojan.Win32.Badur | 15.0.0.494 |
| Malwarebytes | PUP.Optional.Elite | v2014.10.22.04 |
| McAfee | PUP-FNX | 5600.6969 |
| MicroWorld eScan | Gen:Variant.Application.Bundler.Jaiks.244 | 15.0.0.885 |
| NANO AntiVirus | Trojan.Win32.4Shared.dfhejw | 0.28.2.62841 |
| Reason Heuristics | PUP.MaxigetLimited.G | 14.10.22.15 |
| Sophos | 4Share Downloader | 4.98 |
| SUPERAntiSpyware | PUP.4Shared/Variant | 10284 |
| Vba32 AntiVirus | Trojan.Badur | 3.12.26.3 |
| Zillya! Antivirus | Backdoor.PePatch.Win32.44192 | 2.0.0.1964 |

File size:
524.5 KB (537,112 bytes)

Product version:
3, 5, 13, 0

Copyright:
2014

Trademarks:
No

Original file name:
DHelper

File type:
Executable application (Win32 EXE)

Bundler/Installer:
New IT Desktop Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\codigo.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/12/2013 1:00:00 AM

Valid to:
11/13/2014 12:59:59 AM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, STREET="Arch. Makariou III, 135", STREET="Emelle Building, 4th floor", L=Limassol, S=Limassol, PostalCode=3021, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FBB004FE732F9C48D07FE66424856186

File PE Metadata
Compilation timestamp:
9/5/2014 5:52:27 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:yJBDn7/o5rrBb4pLmadg5rixchdwr3DHBuP:ynnDmCmaQGxc7u3D2

Entry address:
0x425D8

Entry point:
E8, 3A, BF, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 14, A1, 00, DE, 46, 00, 33, C5, 89, 45, FC, 53, 56, 33, DB, 57, 8B, F1, 39, 1D, BC, 0E, 47, 00, 75, 38, 53, 53, 33, FF, 47, 57, 68, D4, 1C, 46, 00, 68, 00, 01, 00, 00, 53, FF, 15, 94, C1, 45, 00, 85, C0, 74, 08, 89, 3D, BC, 0E, 47, 00, EB, 15, FF, 15, DC, C0, 45, 00, 83, F8, 78, 75, 0A, C7, 05, BC, 0E, 47, 00, 02, 00, 00, 00, 39, 5D, 14, 7E, 22, 8B, 4D, 14, 8B, 45, 10, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, 45, 14, 2B, C1...
 

Code size:
361.5 KB (370,176 bytes)
