» mediaget_id4269611ids2s.exe
Overview
Analysis
File Details
Downloads (59)

mediaget_id4269611ids2s.exe

mediaget-installer Module

Banner LLC

The application mediaget_id4269611ids2s.exe, “MediaGet installer” by Banner has been detected as a potentially unwanted program by 11 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from goo.gl and multiple other hosts.

File name:

Publisher:

MediaGet LLC (signed by Banner LLC)

Product:

mediaget-installer Module

Description:

MediaGet installer

Version:

1.0

MD5:

3075723b79e40c1101b9ec68fa306524

SHA-1:

7457e8f9b95df85ababebee32e9ceb574cf3cad9

SHA-256:

8102c82731163590c024f7b19f546d0cad868d4818d616faea761e1b080f6972

Scanner detections:

11 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 8:06:56 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Banne

2016.0.2954

Baidu Antivirus

Adware.Win32.MediaGet

4.0.3.151016

Bkav FE

W32.HfsAdware

1.3.0.7237

Comodo Security

Application.Win32.MediaGet.G

23426

Dr.Web

Program.MediaGet.133

9.0.1.0289

ESET NOD32

Win32/MediaGet.AF potentially unwanted (variant)

9.12420

G Data

Win32.Adware.MediaGet

15.10.25

K7 AntiVirus

Unwanted-Program

13.211.17566

Kaspersky

not-a-virus:HEUR:Downloader.Win32.MediaGet

14.0.0.1265

Malwarebytes

PUP.Optional.MediaGet

v2015.10.16.09

Reason Heuristics

PUP.MediaGet.Banner.Installer (M)

15.10.16.21

File size:

657.5 KB (673,312 bytes)

Product version:

1.0

Original file name:

mediaget-installer.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\mediaget_id4269611ids2s.exe

Digital Signature

Signed by:

Banner LLC

Authority:

COMODO CA Limited

Valid from:

3/25/2014 6:00:00 PM

Valid to:

3/25/2017 5:59:59 PM

Subject:

CN=Banner LLC, O=Banner LLC, STREET="lit.A, pom. 7N, 21 Serebristy bul.", L=St.Petersburg, S=Russia, PostalCode=197341, C=RU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

75D61BEBB47652BF2C5DF2DDF44F0E3A

File PE Metadata

Compilation timestamp:

10/16/2015 9:23:08 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:3Q0jbCyUaRV8/xAXrkC4ePE581C/joKG/yLYvo1Qja8dOixbXJmea6j77FlvO/c:35jbCybRVSxAbd4e858MsKGOjqjVOixv

Entry address:

0x15FC50

Entry point:

60, BE, 00, B0, 51, 00, 8D, BE, 00, 60, EE, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B... 
[+]

Entropy:

7.9538

Packer / compiler:

UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:

276 KB (282,624 bytes)

The file mediaget_id4269611ids2s.exe has been seen being distributed by the following 50 URLs.

http://goo.gl/j3BejD

http://sub2.bubblesmedia.ru/sb/clk/s/1556/h/b8dba2/o/145/.../0?a=1&f=Need For Speed Most Wanted Full indir - Pc

http://ld.mediaget.com/index2.php?l=ru&r=al_99torrents.net&comment=o471|p|i0|l0|e0|s712&bbls_client_id=218072304

http://sub2.bubblesmedia.ru/.../?link=d9VXkDBIgi0Rxvh3U87gYMUpZveMCXabkdPGpEd2CwYoJOVfdEvJOVkWiLCOCbI5S6Wbd0VphiGIvGKe3NTG71zY7Mja0r2Qoh7UaQMWOKRuP3zbCli3toVgbHBAkFfrT1B2OAlqVn4CwQ==&param=W8NqoVwKndM=&rid=2779&s=????? "??????????? ??? ???????. ?????? ??????????, ??????? ??????? ???? ???????" - ????? ???? - ?????? - ??????? pdf - ??????, ?????? - ??????&r=litmir.me&f=????? "??????????? ??? ???????. ?????? ??????????, ??????? ??????? ???? ???????" - ????? ???? - ?????? - ??????? pdf - ??????, ?????? - ??????&cs=UTF-8&u=&fu=

http://torr.mediaget.com/torr.php?r=ea6.net&s=en gozel seksi kino&f=en gozel seksi kino

http://www.turbobitcdn4.com/down.php?is=Minecraft.Indir.Full.Pc.1.8.8.Team.Extreme.Hizli&t1=fullprogramlarust&t2=ozel

http://mediaget.com/torrent.php?r=pc-torrents.com&uhttp://pc-torrents.com/.../download.php?id=117

http://sub2.bubblesmedia.ru/sb/clk/s/2451/o/145/.../0?a=1

http://sub2.admitlead.ru/sb/clk/s/637/h/1e906f/o/471/.../0?a=1

http://sub2.bubblesmedia.ru/go/?link=OauCOaw5ts87jMMZPlwkEldBOoQKy6QxXZjTcHCNJXJNlF3rcwcMAQLtyZryxDGsmnkQ0C6HDyBsiy30/UF4OKlbCZ5Ch0eOLNCfcNL/LR8MXKdF4HVGTGTqdpgU6K/.../hnyOe8mc9K28pg1vqlrw60MWsBv&param=BbYkHXCp4Y4=&rid=3357

http://sub2.bubblesmedia.ru/sb/clk/s/3096/h/aa6015/o/145/p/1350/.../0?a=1

http://goo.gl/eaW5Pg

http://mg.bubblesmedia.ru/index.php?redirect_url=http://.../index2.php?bbl_clk_id=331044-1445083136&bbl=1&f=Скачать фильм Петля (2013) - Открытый торрент трекер Скачать торент с Fast torrent Скачать фильмы бесплатно без регистрации&s=Скачать фильм Петл%u

http://sub2.bubblesmedia.ru/go/?link=6Mese7H6pwIvA/.../wLPVSsL7dkk4WXqjd IOggjdQMzRzp9Fp5izVmACD9D4IZ&param=X G2uoqofQc=&rid=1332&f=????????? [5 ?????: 1-8 ??????] (2015) SATRip ??????? ??????? [21.87 GB] :: MegaPeer.org

http://sub2.bubblesmedia.ru/sb/clk/s/1923/o/145/.../0?a=1

http://sub2.bubblesmedia.ru/go/?link=U20JBKktSF7t1IH BdjRO9a0f/1vX/LOWy8yuBczzAFmB6FJmIubRLcFlK7 QqfFi /tkc2SQdkVspSBrO0bL2h4XnP1cpEKnR6SoQPHH9MIVAVQj82UwIe cmhkW69kWW 5blV22p71HfE=&param=1cOEHoNffxk=&rid=3241&r=consol-games.net&u=http://consol-games.net/.../download.php?id=5894&f=Prince_rival_rus.torrent

http://mediaget.com/torrent.php?r=vessoft.com

http://sub2.bubblesmedia.ru/go/?link=481hqsjJ8FdZdyg7q52eU7TlSep/NQWPM/33tS/HlhtVgXk1WicIM6n0lHI4RG3zNlPb8QZ20b7bPW19yRH9o93Su5xmfwTz2nWn8nu6KddQSM1q120qqcDeNp ytjxLyqneT5RHmnH2gKY=&param=HgPoBdjXLFs=&rid=3243&r=rutor.net&u=http://rutor.net/.../download.php?id=39067&f=mo-csgoff.dmg.torrent

http://sub2.admitlead.ru/sb/clk/s/901/h/fceed1/o/471/.../0?my_affiliate_id=reklamtrk.com&f=FarmingSimulator16ApkPara&data_send_to_me=33DAA9FAE51631761CC8B1BD6E2683FBC49A262A_www.adasunucum.com_2907w1

http://www.installads.net/torrent.php?t1=torrentoyun&is=Endless Legend Update

http://sub2.bubblesmedia.ru/sb/clk/s/1771/h/42eda4/o/145/.../12?a=1&f=Counter Strike Global

http://sub2.admitlead.ru/sb/clk/s/877/h/0064ca/o/471/p/1507/.../0?a=1

http://sub2.bubblesmedia.ru/sb/clk/s/2986/h/684563/o/145/p/1266/.../0?a=1

http://sub2.bubblesmedia.ru/sb/clk/s/2933/h/b477dd/o/145/p/1256/.../0?a=1

http://sub2.admitlead.ru/sb/clk/s/607/h/441b76/o/471/.../0?a=1

http://sub2.bubblesmedia.ru/sb/clk/s/2827/h/21d1fd/o/145/p/2102/.../0?a=1

http://sub2.bubblesmedia.ru/go/.../LY=&rid=3357

http://sub2.bubblesmedia.ru/go/?link=fApstkxFSFuZhxnN9UWKGd 8NPvg RhdlzCpgXJJB b1aQj5GND1hFnvddcRTskq/.../TmKcg=&rid=3290

http://ld.mediaget.com/index2.php?l=ru&r=1torrents.net&bbls_client_id=218264540&bbl=1&bbl_clk_id=598023-1445184720

http://sub2.bubblesmedia.ru/go/?link=7VmnlE3JYGKm7 2WPiWvJVaoE8gMGjkbkFRX8ZMRamg1WYPGlK6KnTOYpcDuheqmQrKUwrNEywqjn6u21ruXeojHd2lDrdwqcqyZFyljbCZOJUrfIK3SVVXEhD Zp6f8Y4JO5pFmwd66FA==&param=EI1jj1LFq 8=&rid=3307&r=goldenshara.org&u=http://.../download.php?id=268012

Latest 30 of 59 download URLs

Remove mediaget_id4269611ids2s.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.