gdpicture+pro+imaging+sdk+5.12.5.exe

SuperCharging

Maxiget Limited

This is a bundle installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application gdpicture+pro+imaging+sdk+5.12.5.exe by Maxiget Limited has been detected as adware by 18 anti-malware scanners. The program is a setup application that uses the New IT Desktop Setup installer. The file has been seen being downloaded from ds133.maxiget.com.
Publisher:
SPC LLC  (signed by Maxiget Limited)

Product:
SuperCharging

Description:
DWD

Version:
3, 3, 22, 0

MD5:
e052ee59a6d240b44d2ef1d1a735f3c9

SHA-1:
0bf2a0133c9f786a01ac6289c6e7294397885dd1

SHA-256:
e7ef09cd720987674b92160698232cf4bed2ff9f82ad5e6d8afa84002fdb6ba5

Scanner detections:
18 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers during the setup routine of otherwise legitimate software.

Analysis date:
4/26/2024 4:58:46 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | PUA.4Shared | 7.1.1 |
| Avira AntiVirus | APPL/Downloader.Gen | 7.11.182.198 |
| AVG | Maxiget Limited | 2015.0.3302 |
| Clam AntiVirus | Win.Trojan.4shared-27 | 0.98/19574 |
| Comodo Security | Application.Win32.4Shared.K | 19974 |
| Dr.Web | Adware.Downware.4324 | 9.0.1.05190 |
| ESET NOD32 | Win32/4Shared.U potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/A-3006e021 | v6.4.7.1.166 |
| G Data | Win32.Application.4shared | 14.11.24 |
| K7 AntiVirus | Unwanted-Program | 13.185.13866 |
| Malwarebytes | PUP.Optional.4Shared | v2014.11.02.06 |
| McAfee | Obfosha | 5600.6958 |
| NANO AntiVirus | Riskware.Win32.Downware.ddozlj | 0.28.6.62995 |
| Reason Heuristics | PUP.MaxigetLimited.EE | 14.11.2.18 |
| Sophos | 4Share Downloader | 4.98 |
| Vba32 AntiVirus | Downloader.GetFaster | 3.12.26.3 |
| VIPRE Antivirus | Threat.4150696 | 34232 |
| Zillya! Antivirus | Downloader.GetFaster.Win32.23 | 2.0.0.1974 |

File size:
425.8 KB (436,016 bytes)

Product version:
3, 3, 22, 0

Copyright:
2013

Trademarks:
-

File type:
Executable application (Win32 EXE)

Bundler/Installer:
New IT Desktop Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\gdpicture+pro+imaging+sdk+5.12.5.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/12/2013 1:00:00 AM

Valid to:
11/13/2014 12:59:59 AM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, STREET="Arch. Makariou III, 135", STREET="Emelle Building, 4th floor", L=Limassol, S=Limassol, PostalCode=3021, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FBB004FE732F9C48D07FE66424856186

File PE Metadata
Compilation timestamp:
5/15/2014 2:12:41 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:Zhv9K8SSeot00WQGwthtoWExghexAJwV8J0n9xc5Vz2KEbIqOl:/v9KSXWxitnExghexLG4ELz2KFqw

Entry address:
0x2A0AC

Entry point:
E8, FB, A3, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 14, A1, 58, CD, 44, 00, 33, C5, 89, 45, FC, 53, 56, 33, DB, 57, 8B, F1, 39, 1D, A4, E5, 44, 00, 75, 38, 53, 53, 33, FF, 47, 57, 68, 5C, 1D, 44, 00, 68, 00, 01, 00, 00, 53, FF, 15, 58, F1, 43, 00, 85, C0, 74, 08, 89, 3D, A4, E5, 44, 00, EB, 15, FF, 15, C4, F0, 43, 00, 83, F8, 78, 75, 0A, C7, 05, A4, E5, 44, 00, 02, 00, 00, 00, 39, 5D, 14, 7E, 22, 8B, 4D, 14, 8B, 45, 10, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, 45, 14, 2B, C1...

Code size:
248 KB (253,952 bytes)

The file gdpicture+pro+imaging+sdk+5.12.5.exe has been seen being distributed by the following URL.
