mediaget_id3338363ids1s.exe

Banner LLC

The application mediaget_id3338363ids1s.exe by Banner has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Banner LLC  (signed and verified)

MD5:
24e281f1a73ed128289376519c7ed073

SHA-1:
36af59e321bcb5df247113c520b32e67042c31f3

SHA-256:
54e4fd07ef050d2f0caec9a35b76e5e23c1a33b893ad0055e36c9aef69488f40

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/26/2024 4:33:50 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.MediaGet (M)

Engine version:
17.2.24.15

File size:
465.5 KB (476,704 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mediaget_id3338363ids1s.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/26/2014 4:00:00 AM

Valid to:
3/26/2017 3:59:59 AM

Subject:
CN=Banner LLC, O=Banner LLC, STREET="lit.A, pom. 7N, 21 Serebristy bul.", L=St.Petersburg, S=Russia, PostalCode=197341, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
75D61BEBB47652BF2C5DF2DDF44F0E3A

File PE Metadata
Compilation timestamp:
11/19/2015 7:19:18 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x135C70

Entry point:
C6, 35, B5, 43, 03, 53, 5E, B0, E6, 02, 15, CB, 6F, 9A, 16, C9, F6, 21, 77, 5F, A0, 84, 9B, FD, DC, B9, 64, 4F, 2E, 72, EB, 59, 33, 0F, 30, CD, 97, 72, E5, 03, 71, 76, 4C, E1, B6, CD, 5E, 69, 13, A9, 1B, 4A, 02, B8, FD, 8A, 81, 4F, FD, 7E, 4F, C6, BF, 3F, BC, A2, EF, 1C, 3E, 42, D0, 43, F8, 2F, 78, AC, E1, E8, 60, E7, 60, C7, EB, AF, C7, A0, 51, ED, 54, 47, BF, 70, 82, 8C, E5, AA, 88, E5, 6E, 67, 20, 1E, 27, FE, 0B, FB, D6, 91, BA, 61, 29, 44, B6, 7B, 23, 2B, A9, C3, EB, E0, 96, F3, AC, 98, C5, 03, 18, 2C...
 

Code size:
276 KB (282,624 bytes)
