home

saveas.exe

SuperCharging

Maxiget Limited

This is part of a bundled installer which provides applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application saveas.exe by Maxiget Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
SPC LLC  (signed by Maxiget Limited)

Product:
SuperCharging

Description:
DWD

Version:
3, 3, 22, 0

MD5:
04f0577f11e2f11cc118ebb913277281

SHA-1:
b1e267eea12ca9f33d60766c6107047e9e7fd94d

SHA-256:
aa21ce71d857d81f6da26eed228607c8b1cc20553f3fc8b9f2dc0349f4c40524

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Analysis date:
4/25/2024 12:20:21 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.New IT Limited.Maxiget (M)
16.2.13.22

File size:
436.2 KB (446,688 bytes)

Product version:
3, 3, 22, 0

Copyright:
2013

Trademarks:
-

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\saveas.exe

Digital Signature
Signed by:
Maxiget Limited

Authority:
COMODO CA Limited

Valid from:
11/11/2013 6:00:00 PM

Valid to:
11/12/2014 5:59:59 PM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, STREET="Arch. Makariou III, 135", STREET="Emelle Building, 4th floor", L=Limassol, S=Limassol, PostalCode=3021, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FBB004FE732F9C48D07FE66424856186

File PE Metadata
Compilation timestamp:
5/15/2014 7:12:41 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:Ehv9K8SSeot00WQGwthtoWExghexAJwV8J0n9xc5Vz2KEbIT9ff2DTI:av9KSXWxitnExghexLG4ELz2KFTeI

Entry address:
0x2A0AC

Entry point:
E8, FB, A3, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 14, A1, 58, CD, 44, 00, 33, C5, 89, 45, FC, 53, 56, 33, DB, 57, 8B, F1, 39, 1D, A4, E5, 44, 00, 75, 38, 53, 53, 33, FF, 47, 57, 68, 5C, 1D, 44, 00, 68, 00, 01, 00, 00, 53, FF, 15, 58, F1, 43, 00, 85, C0, 74, 08, 89, 3D, A4, E5, 44, 00, EB, 15, FF, 15, C4, F0, 43, 00, 83, F8, 78, 75, 0A, C7, 05, A4, E5, 44, 00, 02, 00, 00, 00, 39, 5D, 14, 7E, 22, 8B, 4D, 14, 8B, 45, 10, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, 45, 14, 2B, C1...
 
[+]

Entropy:
6.9162

Code size:
248 KB (253,952 bytes)

Remove saveas.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.