mike92703.exe

Download Helper

IT MANAGEMENT GROUP LTD

This is a bundle installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application mike92703.exe by IT MANAGEMENT GROUP has been detected as adware by 13 anti-malware scanners. The program is a setup application that uses the New IT Desktop Setup installer.
Publisher:
IT MANAGEMENT GROUP LTD  (signed and verified)

Product:
Download Helper

Version:
2, 5, 14, 0

MD5:
e1b79b4860869cbd9bbcbbd5576dd899

SHA-1:
63a20b35db9aef3c9c70385a2c1466654c97b14e

SHA-256:
605e89c9e4fcf469ce8ee3f479674b73d195dd5ffc7a339b7823bf6cc927420c

Scanner detections:
13 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/19/2024 11:28:56 PM UTC

Scan engine | Detection | Engine version
avast! | Win32:Downloader-TQP [PUP] | 2014.9-140822
Comodo Security | Application.Win32.4Shared.SH | 19174
ESET NOD32 | Win32/4Shared.D potentially unwanted application | 8.7.0.302.0
Fortinet FortiGate | Riskware/4Shared | 8/22/2014
G Data | Win32.Trojan-Downloader.Agent.BA | 14.8.24
K7 AntiVirus | Unwanted-Program | 13.183.13029
McAfee | Trojan.Artemis!CCB258FFDC9B | 5600.7030
Reason Heuristics | PUP.ITMANAGEMENTGROUP.J | 14.9.11.21
Rising Antivirus | PE:PUF.4Shared!1.9C25 | 23.00.65.14820
Sophos | PUA.4Share Downloader | 54
SUPERAntiSpyware | PUP.DownloadHelper/Variant | 10331
Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.3
VIPRE Antivirus | Threat.4788236 | 31208

File size:
970.6 KB (993,856 bytes)

Product version:
2, 5, 14, 0

Copyright:
Copyright (C) 2013

File type:
Executable application (Win32 EXE)

Bundler/Installer:
New IT Desktop Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mike92703.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
3/15/2013 5:57:25 AM

Valid to:
3/14/2016 8:41:32 AM

Subject:
CN=IT MANAGEMENT GROUP LTD, O=IT MANAGEMENT GROUP LTD, L=Limassol, S=N/A, C=CY

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
082965B7976A8F

File PE Metadata
Compilation timestamp:
8/12/2013 8:31:11 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:WU4K43xxQgYlY9IE2056CWdUaOQfp+HbJWIX9XD4bW0q2xtBGlW9UJwOGo19bgsZ:P4LQ1lCIE20sCYUQxEnZ4NGAARdYRUu

Entry address:
0xFF04

Entry point:
E8, 85, 63, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, 14, 64, 42, 00, 33, C5, 89, 45, FC, F6, 05, 00, 64, 42, 00, 01, 56, 74, 08, 6A, 0A, E8, 41, 37, 00, 00, 59, E8, 3F, 64, 00, 00, 85, C0, 74, 08, 6A, 16, E8, 41, 64, 00, 00, 59, F6, 05, 00, 64, 42, 00, 02, 0F, 84, CA, 00, 00, 00, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89, BD, CC, FD, FF, FF, 66, 8C, 95, F8, FD, FF, FF, 66, 8C, 8D, EC, FD, FF...
 

Entropy:
7.8578  (probably packed)

Code size:
117 KB (119,808 bytes)
