MaxigetUpdater.exe

Maxiget Updater

Maxiget Limited

This file is part of a bundled installer that presents offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application MaxigetUpdater.exe by Maxiget Limited has been detected as adware by 2 anti-malware scanners. It runs as a Windows Task Scheduler task named MaxigetUpdaterTaskMachineCore, triggered to execute each time a user logs in.
Publisher:
Maxiget Ltd.  (signed by Maxiget Limited)

Product:
Maxiget Updater

Version:
70.3.27.7017

MD5:
bb99e2c0af634fe47ba709b90f2f7821

SHA-1:
68cb905cd45e92548a72f85ed35b5ab32ccd4123

SHA-256:
ef3c5affa3265f732d9a344cd66b296691634508dfc61db3f625f8756bcf53f4

Scanner detections:
2 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Analysis date:
4/24/2024 11:58:51 AM UTC

Scan engine | Detection | Engine version
AVG | Generic | 2015.0.3388
Reason Heuristics | PUP.MaxigetLimited.O | 14.8.9.6

File size:
127.4 KB (130,456 bytes)

Product version:
70.3.27.7017

Copyright:
Copyright 2007-2010 Google Inc.

Original file name:
MaxigetUpdater.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\Program Files\maxiget\updater\maxigetupdater.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
6/3/2014 12:41:06 PM

Valid to:
8/15/2016 10:41:32 AM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, L=Limassol, S=Cyprus, C=CY

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
043F9C868704FA

File PE Metadata
Compilation timestamp:
8/6/2014 7:51:58 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:nzaczdLnI5tI+m8sx+2rh3B8eNIe9nppehTNbe+/urla7aM0k0Yv3uZ5StYKJyeS:zRRLMI+6

Entry address:
0x3CBE

Entry point:
E8, 70, 21, 00, 00, E9, 79, FE, FF, FF, 6A, 0C, 68, F8, 0C, 41, 00, E8, 08, 01, 00, 00, 8B, 75, 08, 85, F6, 74, 75, 83, 3D, 80, EB, 40, 00, 03, 75, 43, 6A, 04, E8, 5A, 23, 00, 00, 59, 83, 65, FC, 00, 56, E8, 82, 23, 00, 00, 59, 89, 45, E4, 85, C0, 74, 09, 56, 50, E8, A3, 23, 00, 00, 59, 59, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 83, 7D, E4, 00, 75, 37, FF, 75, 08, EB, 0A, 6A, 04, E8, 46, 22, 00, 00, 59, C3, 56, 6A, 00, FF, 35, EC, D5, 40, 00, FF, 15, 7C, F0, 40, 00, 85, C0, 75, 16, E8, 78, 07, 00...
 

Entropy:
5.6240

Code size:
40.5 KB (41,472 bytes)

Scheduled Task
Task name:
MaxigetUpdaterTaskMachineCore

Trigger:
Logon (Runs on logon)

Action:
maxigetupdater.exe \c

Description:
Keeps your Maxiget software up to date. If this task is disabled or stopped, your Maxiget software will not be kept up to date, meaning security vulne

