» jdownloader2betasetup.exe
Overview
Analysis
File Details
Programs (1)
Downloads (2)

jdownloader2betasetup.exe

JDownloader

AppWork GmbH

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application jdownloader2betasetup.exe by AppWork GmbH has been detected as a potentially unwanted program by 2 anti-malware scanners. The program is a setup application that uses the installCore installer. This file is typically installed with the program 360Amigo System Speedup PRO by 360Amigo. The file has been seen being downloaded from s10526.chomikuj.pl and multiple other hosts.

File name:

Publisher:

AppWork GmbH (signed and verified)

Product:

JDownloader

Version:

MD5:

a54624adba73c7c6c9128ae720f08bec

SHA-1:

1a104d4a697522d7be968ef7759d170ac5e865b9

SHA-256:

9e196e5eb12871b33d3b60956b7bbb751188984be22d8e1c5e5f9a30629cb884

Scanner detections:

2 / 68

Status:

Potentially unwanted

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

4/27/2024 3:40:31 AM UTC (today)

Scan engine

Detection

Engine version

Emsisoft Anti-Malware

Trojan.StartPage.ZZT

8.14.03.19.08

Reason Heuristics

PUP.Installer.AppWorkGmbH.V

14.7.28.0

File size:

25 MB (26,183,808 bytes)

Product version:

AppWork GmbH

Original file name:

JDownloader2OfflineSetup.exe

File type:

Executable application (Win64 EXE)

Bundler/Installer:

installCore

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\jdownloader2betasetup.exe

Digital Signature

Signed by:

AppWork GmbH

Authority:

GlobalSign nv-sa

Valid from:

3/1/2011 3:00:48 PM

Valid to:

3/1/2014 3:00:41 PM

Subject:

E=e-mail@appwork.org, CN=AppWork GmbH, O=AppWork GmbH, L=Fürth, S=Bavaria, C=DE

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000012E71E7355C

File PE Metadata

Compilation timestamp:

1/13/2012 11:16:35 AM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

2.56

CTPH (ssdeep):

786432:uYpsNpr9t4HdjRNjx3P6oLyfj8Kute7RsiO0Q:cMd/9P6fAKUoZbQ

Entry address:

0x11F8

Entry point:

4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

181 KB (185,344 bytes)

The file jdownloader2betasetup.exe has been discovered within the following program.

360Amigo System Speedup PRO by 360Amigo

360Amigo System Speedup is a tool of Windows that works quickly in identifying the problem and fix it if there are some mistakes that result in slow system performance.

www.360amigo.com

56% remove it

The file jdownloader2betasetup.exe has been seen being distributed by the following 2 URLs.

http://s10526.chomikuj.pl/File.aspx?e=SB8LCskYZm0ilNDEEJT0XRM9qpBIgVd6STDJ-aE_jb2MF8BeUfgTSimtgT-rrJkjDBgIjyIpN3wjRoOjfD6woGKzN_dXiedfWeoIAj1eVeY0I-4WlQDT5DneNL6VX87pOFvt7ZtwYmewVFT7nGd2ag&pv=2

http://s10526.chomikuj.pl/File.aspx?e=SB8LCskYZm0ilNDEEJT0XZyeQWoPpH7ZeZ4bfNjKoZDDW2_5eC99gBW1ewJFrawc_0ohCSFTrATsmqjv02Ao_wdTlpS7jo0bnciVsZQ583KECNLcJMrujcVm2r77gw0JFdb1bbcSgSVk8GHniOGd_g&pv=2

Remove jdownloader2betasetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.