» mediaget_id4269611ids2s.exe
Overview
Analysis
File Details
Downloads (59)

mediaget_id4269611ids2s.exe

mediaget-installer Module

Banner LLC

The application mediaget_id4269611ids2s.exe, “MediaGet installer” by Banner has been detected as a potentially unwanted program by 11 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from goo.gl and multiple other hosts.

File name:

Publisher:

MediaGet LLC (signed by Banner LLC)

Product:

mediaget-installer Module

Description:

MediaGet installer

Version:

1.0

MD5:

3075723b79e40c1101b9ec68fa306524

SHA-1:

7457e8f9b95df85ababebee32e9ceb574cf3cad9

SHA-256:

8102c82731163590c024f7b19f546d0cad868d4818d616faea761e1b080f6972

Scanner detections:

11 / 68

Status:

Potentially unwanted

Analysis date:

5/11/2025 11:15:46 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

AVG

Banne

2016.0.2954

Baidu Antivirus

Adware.Win32.MediaGet

4.0.3.151016

Bkav FE

W32.HfsAdware

1.3.0.7237

Comodo Security

Application.Win32.MediaGet.G

23426

Dr.Web

Program.MediaGet.133

9.0.1.0289

ESET NOD32

Win32/MediaGet.AF potentially unwanted (variant)

9.12420

G Data

Win32.Adware.MediaGet

15.10.25

K7 AntiVirus

Unwanted-Program

13.211.17566

Kaspersky

not-a-virus:HEUR:Downloader.Win32.MediaGet

14.0.0.1265

Malwarebytes

PUP.Optional.MediaGet

v2015.10.16.09

Reason Heuristics

PUP.MediaGet.Banner.Installer (M)

15.10.16.21

File size:

657.5 KB (673,312 bytes)

Product version:

1.0

Original file name:

mediaget-installer.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\mediaget_id4269611ids2s.exe

Digital Signature

Signed by:

Banner LLC

Authority:

COMODO CA Limited

Valid from:

3/25/2014 6:00:00 PM

Valid to:

3/25/2017 5:59:59 PM

Subject:

CN=Banner LLC, O=Banner LLC, STREET="lit.A, pom. 7N, 21 Serebristy bul.", L=St.Petersburg, S=Russia, PostalCode=197341, C=RU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

75D61BEBB47652BF2C5DF2DDF44F0E3A

File PE Metadata

Compilation timestamp:

10/16/2015 9:23:08 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:3Q0jbCyUaRV8/xAXrkC4ePE581C/joKG/yLYvo1Qja8dOixbXJmea6j77FlvO/c:35jbCybRVSxAbd4e858MsKGOjqjVOixv

Entry address:

0x15FC50

Entry point:

60, BE, 00, B0, 51, 00, 8D, BE, 00, 60, EE, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B... 
[+]

Entropy:

7.9538

Packer / compiler:

UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:

276 KB (282,624 bytes)

The file mediaget_id4269611ids2s.exe has been seen being distributed by the following 50 URLs.

http://goo.gl/j3BejD

http://sub2.bubblesmedia.ru/sb/clk/s/1556/h/b8dba2/o/145/.../0?a=1&f=Need For Speed Most Wanted Full indir - Pc

http://ld.mediaget.com/index2.php?l=ru&r=al_99torrents.net&comment=o471|p|i0|l0|e0|s712&bbls_client_id=218072304

http://sub2.bubblesmedia.ru/.../?link=d9VXkDBIgi0Rxvh3U87gYMUpZveMCXabkdPGpEd2CwYoJOVfdEvJOVkWiLCOCbI5S6Wbd0VphiGIvGKe3NTG71zY7Mja0r2Qoh7UaQMWOKRuP3zbCli3toVgbHBAkFfrT1B2OAlqVn4CwQ==&param=W8NqoVwKndM=&rid=2779&s=????? "??????????? ??? ???????. ?????? ??????????, ??????? ??????? ???? ???????" - ????? ???? - ?????? - ??????? pdf - ??????, ?????? - ??????&r=litmir.me&f=????? "??????????? ??? ???????. ?????? ??????????, ??????? ??????? ???? ???????" - ????? ???? - ?????? - ??????? pdf - ??????, ?????? - ??????&cs=UTF-8&u=&fu=

http://torr.mediaget.com/torr.php?r=ea6.net&s=en gozel seksi kino&f=en gozel seksi kino

http://www.turbobitcdn4.com/down.php?is=Minecraft.Indir.Full.Pc.1.8.8.Team.Extreme.Hizli&t1=fullprogramlarust&t2=ozel

http://mediaget.com/torrent.php?r=pc-torrents.com&uhttp://pc-torrents.com/.../download.php?id=117

http://sub2.bubblesmedia.ru/sb/clk/s/2451/o/145/.../0?a=1

http://sub2.admitlead.ru/sb/clk/s/637/h/1e906f/o/471/.../0?a=1

http://sub2.bubblesmedia.ru/go/?link=OauCOaw5ts87jMMZPlwkEldBOoQKy6QxXZjTcHCNJXJNlF3rcwcMAQLtyZryxDGsmnkQ0C6HDyBsiy30/UF4OKlbCZ5Ch0eOLNCfcNL/LR8MXKdF4HVGTGTqdpgU6K/.../hnyOe8mc9K28pg1vqlrw60MWsBv&param=BbYkHXCp4Y4=&rid=3357

http://sub2.bubblesmedia.ru/sb/clk/s/3096/h/aa6015/o/145/p/1350/.../0?a=1

http://goo.gl/eaW5Pg

http://mg.bubblesmedia.ru/index.php?redirect_url=http://.../index2.php?bbl_clk_id=331044-1445083136&bbl=1&f=Скачать фильм Петля (2013) - Открытый торрент трекер Скачать торент с Fast torrent Скачать фильмы бесплатно без регистрации&s=Скачать фильм Петл%u

http://sub2.bubblesmedia.ru/go/?link=6Mese7H6pwIvA/.../wLPVSsL7dkk4WXqjd IOggjdQMzRzp9Fp5izVmACD9D4IZ&param=X G2uoqofQc=&rid=1332&f=????????? [5 ?????: 1-8 ??????] (2015) SATRip ??????? ??????? [21.87 GB] :: MegaPeer.org

http://sub2.bubblesmedia.ru/sb/clk/s/1923/o/145/.../0?a=1

http://sub2.bubblesmedia.ru/go/?link=U20JBKktSF7t1IH BdjRO9a0f/1vX/LOWy8yuBczzAFmB6FJmIubRLcFlK7 QqfFi /tkc2SQdkVspSBrO0bL2h4XnP1cpEKnR6SoQPHH9MIVAVQj82UwIe cmhkW69kWW 5blV22p71HfE=&param=1cOEHoNffxk=&rid=3241&r=consol-games.net&u=http://consol-games.net/.../download.php?id=5894&f=Prince_rival_rus.torrent

http://mediaget.com/torrent.php?r=vessoft.com

http://sub2.bubblesmedia.ru/go/?link=481hqsjJ8FdZdyg7q52eU7TlSep/NQWPM/33tS/HlhtVgXk1WicIM6n0lHI4RG3zNlPb8QZ20b7bPW19yRH9o93Su5xmfwTz2nWn8nu6KddQSM1q120qqcDeNp ytjxLyqneT5RHmnH2gKY=&param=HgPoBdjXLFs=&rid=3243&r=rutor.net&u=http://rutor.net/.../download.php?id=39067&f=mo-csgoff.dmg.torrent

http://sub2.admitlead.ru/sb/clk/s/901/h/fceed1/o/471/.../0?my_affiliate_id=reklamtrk.com&f=FarmingSimulator16ApkPara&data_send_to_me=33DAA9FAE51631761CC8B1BD6E2683FBC49A262A_www.adasunucum.com_2907w1

http://www.installads.net/torrent.php?t1=torrentoyun&is=Endless Legend Update

http://sub2.bubblesmedia.ru/sb/clk/s/1771/h/42eda4/o/145/.../12?a=1&f=Counter Strike Global

http://sub2.admitlead.ru/sb/clk/s/877/h/0064ca/o/471/p/1507/.../0?a=1

http://sub2.bubblesmedia.ru/sb/clk/s/2986/h/684563/o/145/p/1266/.../0?a=1

http://sub2.bubblesmedia.ru/sb/clk/s/2933/h/b477dd/o/145/p/1256/.../0?a=1

http://sub2.admitlead.ru/sb/clk/s/607/h/441b76/o/471/.../0?a=1

http://sub2.bubblesmedia.ru/sb/clk/s/2827/h/21d1fd/o/145/p/2102/.../0?a=1

http://sub2.bubblesmedia.ru/go/.../LY=&rid=3357

http://sub2.bubblesmedia.ru/go/?link=fApstkxFSFuZhxnN9UWKGd 8NPvg RhdlzCpgXJJB b1aQj5GND1hFnvddcRTskq/.../TmKcg=&rid=3290

http://ld.mediaget.com/index2.php?l=ru&r=1torrents.net&bbls_client_id=218264540&bbl=1&bbl_clk_id=598023-1445184720

http://sub2.bubblesmedia.ru/go/?link=7VmnlE3JYGKm7 2WPiWvJVaoE8gMGjkbkFRX8ZMRamg1WYPGlK6KnTOYpcDuheqmQrKUwrNEywqjn6u21ruXeojHd2lDrdwqcqyZFyljbCZOJUrfIK3SVVXEhD Zp6f8Y4JO5pFmwd66FA==&param=EI1jj1LFq 8=&rid=3307&r=goldenshara.org&u=http://.../download.php?id=268012

Latest 30 of 59 download URLs

Remove mediaget_id4269611ids2s.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.