home

mediaget.exe

mediaget-installer Module

Banner LLC

The application mediaget.exe, “MediaGet installer” by Banner has been detected as a potentially unwanted program by 11 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from www.tamindir.com and multiple other hosts.
Publisher:
MediaGet LLC  (signed by Banner LLC)

Product:
mediaget-installer Module

Description:
MediaGet installer

Version:
1.0

MD5:
f1d72bbb5acf3db3444c44b4ffea67f8

SHA-1:
15ccd600868049560c47c5e97892a8fec75c9647

SHA-256:
e542f5033e4e74c3866f64c7bb3ebec676fcad2ce111b7758220eafab1cd9bd9

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 6:22:20 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/MediaGet.Gen5
7.11.205.208

avast!
Win32:Malware-gen
2014.9-150129

AVG
Banne
2016.0.3215

Dr.Web
Program.MediaGet.105
9.0.1.029

ESET NOD32
Win32/MediaGet.AF (variant)
9.11090

G Data
Win32.Adware.MediaGet
15.1.25

Kaspersky
not-a-virus:Downloader.Win32.MediaGet
14.0.0.2569

Malwarebytes
PUP.Adware.MediaGet
v2015.01.29.07

McAfee
Artemis!F1D72BBB5ACF
5600.6871

Reason Heuristics
PUP.Installer.Banner
15.1.29.7

Sophos
MediaGet
4.98

File size:
433 KB (443,424 bytes)

Product version:
1.0

Copyright:
Copyright (c) 2011 MediaGet LLC

Original file name:
mediaget-installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\mediaget.exe

Digital Signature
Signed by:
Banner LLC

Authority:
COMODO CA Limited

Valid from:
3/26/2014 2:00:00 AM

Valid to:
3/26/2017 1:59:59 AM

Subject:
CN=Banner LLC, O=Banner LLC, STREET="lit.A, pom. 7N, 21 Serebristy bul.", L=St.Petersburg, S=Russia, PostalCode=197341, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
75D61BEBB47652BF2C5DF2DDF44F0E3A

File PE Metadata
Compilation timestamp:
1/23/2015 2:33:10 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:R5CdvBalDYgpIogmZYAQoR7nKTmD5ytv30bLc3ZtQ:WvB2lpgbn07KSkv30bYZtQ

Entry address:
0xFDD30

Entry point:
60, BE, 00, B0, 4B, 00, 8D, BE, 00, 60, F4, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
268 KB (274,432 bytes)

The file mediaget.exe has been seen being distributed by the following 29 URLs.

http://www.tamindir.com/indir/MjAxNS0wMi0wNCAxODoxMzowMA==/mediaget/windows/.../?id=148701

http://sub2.bubblesmedia.ru/go/?link=NZvP6WRtDWj wyWGT141HBxjc/.../dUwObwrcb7y3Y1fOQ14uaYsHWauQZgM799T4U6LapsfcDdbOaytOz46VkZrOjlmw1B8VvTFjrjQle55WB2Q==&param=G922Y57vVYs=&rid=1059&s=??????? ????? ??????? ???????? ??????&r=multzona.org&f=??????? ????? ??????? ???????? ??????&cs=windows-1251&u=&cc=1

http://sub2.bubblesmedia.ru/go/?link=FiKtN8a6oybHzlLyJtufHZtBJ5XKZHZgUBxunsZIIIYbQARrV/f1PlEl7Zc4e32QhHY842hWhM idHE0F/xPrDPrVAQtCPB1J4Bd FfqVeKC4f754n/.../sZ1dq4frK5lQnbVFZg2fsB4AlVVcTccKG99oUpZAoJQ==&param=tvWs97BooB0=&rid=2465&f=Barbie Kristal Sato izle | Direksinemaizle.Com | Full Film izle | Sinema izle | Hd Film izle&cc=2

http://sub2.bubblesmedia.ru/sb/clk/s/1797/o/145/p/1263/.../0?a=1

http://sub2.bubblesmedia.ru/sb/clk/s/2288/o/145/.../0?a=1

http://mg.bubblesmedia.ru/index.php?redirect_url=http://.../index2.php?comment=o471|p0|i62915|l100|e0|s199&r=al_advmaker.600smotret.ru

http://sub2.bubblesmedia.ru/go/?link=wwueeSab0S24Id5QyIgVrcY0eT3lE/wQgb3SjQ756Rzhd0gYXLR39mxa35rHbLC65H7SSJo6xiLqnEAK3qau01FjtCnttWAK3ah5A2Mzyu6bjrcSZP9HYrK8ORItWhnvTlH7e EKrHy/ibU=&param=yyl1xJl8Hck=&rid=2089&s=??????? ????? ??????? ????? / Son of a Gun (2014) - ???????? ??????? ?????? ??????? ?????? ? Fast torrent ??????? ?????? ????????? ??? ???????????&r=fast-torrent.ru&f=??????? ????? ??????? ????? / Son of a Gun (2014) - ???????? ??????? ?????? ??????? ?????? ? Fast torrent ??????? ?????? ????????? ??? ???????????&cs=utf-8&u=&fu=http://www.fast-torrent.ru/download/torrent/.../177202.torrent&cc=3

http://sub2.bubblesmedia.ru/go/?link=dNvBzuxysgyR0pSAjH00t3G1d6f mtefQPS6YLfHZCtzeppMC9V7 QaZA6sWkf xDnsZf0JrVkuXqk87KDXYukR/8d 04ppielj/a5K94X4L6EVCQsTNNt0BbZgvfpNHeE I2m UFYJwng==&param=xaQFLvz/kOw=&rid=1111&s=?????? ??????? ? ???? ???? (2014) ???????? ?????? /.../ ??????? ? ???? ??? (2014) ???????? ?????? ???????? ?????? ??? ????? ????????? ? ??? ???????????&r=serialx.org&f=?????? ??????? ? ???? ???? (2014) ???????? ?????? /.../ ??????? ? ???? ??? (2014) ???????? ?????? ???????? ?????? ??? ????? ????????? ? ??? ???????????&cs=UTF-8&u=&cc=2

http://mediaget.com/download.php?ref_id=yandex&os=windows

http://mediaget.com/torrent.php?r=doramakun.ru

http://sub2.bubblesmedia.ru/go/?link=U7u8wN5xVK7NSYd9QN nMP4rFGEqdTLHwqOWGz4H8BkEK8LBSJ/4iPDIHgnMjfMNE930Wj6u5f1zfQddg9ey84TaS4igg/gnOE2KxE2Uq8OP3/.../R0Sw==&param=voW6QEse5Fo=&rid=2465&f=Mesajiniz Var izle | Direksinemaizle.Com | Full Film izle | Sinema izle | Hd Film izle&cc=2

http://media-get.com/download.php

http://sub2.bubblesmedia.ru/go/?link=5DeAm3W6XokgxhzhR9Ot574B0tk4NU/qP27nP4c1Zy0 t3ntyq0aB45YzhYl3p0Q/HqYXEdl0xLlpZhRAe9rXGdQafSpiJ 0ip1Z3b4QkogchV5psen6JVLrlOakDv6UuEuT/.../HA==&param=FCdHkW6 J3Y=&rid=1059&s=??????? ???: ??????? ? ???????? ???????? ??????&r=multzona.org&f=??????? ???: ??????? ? ???????? ???????? ??????&cs=windows-1251&u=&cc=1

http://sub2.bubblesmedia.ru/.../?link=yUfvRpjZIcBrTYlbpLrUrahUQt8GKe zYi5LIbXHMwYeysZcvG31aqsC68eM5hNevMfRt5f2ZJ7nHyIbsfdpqywjtLk68e2nxRGclr7xqyNsb5aV McN1SKtVbhptdHwiETdjzizS4bs5w==&param=5c4ch6KvFQ0=&rid=1155&s=&r=procsgame.ru&f=&cs=windows-1251&u=&cc=1

http://sub2.bubblesmedia.ru/go/?link=vWlUBnri1KHueTANIHosZN4TeCR3kq2q5YVLG UH6u2vU6ZobqXwcD9l/hvOsv9RUkgZGUImL2dCsJdp4PgQTEB/1ZZh3N7wMzLKBMvMJvucVx3n/y ktVfQF2O6EV6 TVAZP64EIt3MHw==&param=rond9UqHkf0=&rid=2078&s=????? "????? ?????????? ???????? ? ??????. ??????? ??????? ???????" - ??????????? ????????? - ?????? ?????? - ??????? rtf, fb2 - ??????, ?????? - ??????.net&r=litmir.net&f=????? "????? ?????????? ???????? ? ??????. ??????? ??????? ???????" - ??????????? ????????? - ?????? ?????? - ??????? rtf, fb2 - ??????, ?????? - ??????.net&cs=UTF-8&u=&fu=http://www.litmir.me/data/Book/0/200000/.../Mishanenkova_Ekaterina_Samye_ostroumnye_aforizmy_i_citaty._Velikie_chenshiny_istorii_Litmir.net_bid200109_original_ac3ff.fb2.zip&cc=1

http://sub2.bubblesmedia.ru/sb/clk/s/2324/o/145/p/959/.../0?a=1

http://sub2.bubblesmedia.ru/sb/clk/s/2418/o/145/p/2017/.../0?a=1

http://sub2.bubblesmedia.ru/go/?link=nrG9HSWjNvhvsApnwwDPWlwytQ9CRcpkl33WI5kFXepeotSKhwg8zRSnRtQpKi2vlKhK2V3hdC dlVDz4GSfJsk3iMk2rVLqco2HIj35kWBO/.../1jVBWKUF1B7AGtcrHvl77UI7tgIQ5zFbcy3vcOqobJZBoSCdeTfe&param=iXHISU5kCNs=&rid=2457&cc=1

http://sub2.bubblesmedia.ru/sb/clk/s/1038/o/145/p/994/.../777dt?a=1

http://mediaget.com/torrent.php?r=razym.ru

http://sub2.bubblesmedia.ru/go/?link=JL79a0wRuyUiqJSTvAwuSxHlwqGo9zMyiDJZxAUOSMRagmx2ab2o noYpxWu6ffkNziyxEBYMLcBtZc/.../1 yRwouVRhFNLIPcMOFfdTfeWL3hb1dJk5ZKe&param=b8t7qA5hAy8=&rid=2717&f=????? ????? ????? 2015 ???????? ?????? ????????? ? ??????? ????????&cc=2

http://sub2.bubblesmedia.ru/go/?link=o0OF9a1r4ilq5h86QqigtxCjAZWlmBTeXsLvDNBqWKb/OnSWF4F0xqSHJG2pw5moEvcS7of6TW/55VV5yAhOKuqxbCbfX4oHKcMoM0DMwPyQ9SnNUBVPv4l/S9lGIn/bdV7mjbUC/n0HhEc=&param=t3f9uXw0nx8=&rid=2089&s=??????? ?????? ????? ????? 1 (2015) - ???????? ??????? ?????? ??????? ?????? ? Fast torrent ??????? ?????? ????????? ??? ???????????&r=fast-torrent.ru&f=??????? ?????? ????? ????? 1 (2015) - ???????? ??????? ?????? ??????? ?????? ? Fast torrent ??????? ?????? ????????? ??? ???????????&cs=utf-8&u=&fu=http://www.fast-torrent.ru/download/torrent/.../178227.torrent&cc=1

http://mediaget.com/download.php?ref_id=google&os=windows

http://sub2.bubblesmedia.ru/sb/clk/s/1366/o/145/p/1312/.../0?a=1

http://mediaget.com/torrent.php?r=saglamindir.net&s=GTA San Andreas Full Türkçe Indir &f=GTA San Andreas Full Türkçe Indir

http://ld.mediaget.com/index2.php?l=ru&fu=http://www.fast-torrent.ru/download/torrent/undefined/undefined.torrent&r=fast-torrent.ru&f=u0421u043au0430u0447u0430u0442u044c-u0444u0438u043bu044cu043c-u0425u043eu0431u0431u0438u0442-u0411u0438u0442u0432u0430-u043fu044fu0442u0438-u0432u043eu0438u043du0441u0442u0432-/.../-Hobbit:-The-Battle-of-the-Five-Armies-

http://torr.mediaget.com/.../ Hobbit: The Battle of the Five Armies (2014) - ???????? ??????? ?????? ??????? ?????? ? Fast torrent ??????? ?????? ????????? ??? ???????????&r=fast-torrent.ru&f=??????? ????? ??????: ????? ??

http://sub2.bubblesmedia.ru/go/?link=iSrTYVsYdzsgDbJw35FF0dI XM0hUIKHxAOD7AoQ/LIKcariFroezaaw/IyFMdAwC1aYC1JxwzH oWq9rysCq CMKtJsg5UzbZxKQJhxnw6/n8Bn6gKO0DZmAku0i/iNNJ8ueBEkVQ7jj4Q=&param=b3NaR/.../ Hobbit: The Battle of the Five Armies (2014) - ???????? ??????? ?????? ??????? ?????? ? Fast torrent ??????? ?????? ????????? ??? ??????????%

http://mediaget.com/torrent.php?r=saglamindir.net&s=Euro Truck Simulator 2 Full Türkçe Indir &f=Euro Truck Simulator 2 Full Türkçe Indir

Remove mediaget.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.