scooby doo and the spook...c][tls games][reidy].exe

SN Pro tool

Maxiget Limited

This is a bundle installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application scooby doo and the spook...c][tls games][reidy].exe by Maxiget Limited has been detected as adware by 25 anti-malware scanners. The program is a setup application that uses the New IT Desktop Setup installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
SSPlus  (signed by Maxiget Limited)

Product:
SN Pro tool

Description:
PracticalForce

Version:
4, 0, 37, 0

MD5:
42f5bdb27588550f8b8691d20bb0eb74

SHA-1:
e9713937af64b129e74a9a7ac6e6a534b8a7b18f

SHA-256:
a97688f5acd79786d9d8bd7556e20b97184525bfe75dc8665bd37b5d9b179dc2

Scanner detections:
25 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Description:
This is also known as bundleware, or downloadware, which is a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/23/2024 2:14:23 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Application.Bundler.Strictor.72449 | 6496598 |
| Agnitum Outpost | PUA.4Shared | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Bundler | 2015.02.01 |
| Avira AntiVirus | APPL/Downloader.Gen4 | 7.11.206.64 |
| Bitdefender | Gen:Variant.Application.Bundler.Strictor.72449 | 1.0.20.155 |
| Clam AntiVirus | Win.Trojan.Agent-827002 | 0.98/20008 |
| Comodo Security | Application.Win32.4shared.GSP | 20910 |
| Dr.Web | Adware.Downware.9348 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Application.Bundler.Strictor.72449 | 9.0.0.4799 |
| ESET NOD32 | Win32/4Shared.AI potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/S-e896e9f7 | v6.4.7.1.166 |
| F-Secure | Riskware.Gen:Variant.Application.Bundler | 5.13.68 |
| G Data | Gen:Variant.Application.Bundler.Strictor.72449 | 15.1.25 |
| IKARUS anti.virus | PUA.4Shared | t3scan.1.8.6.0 |
| K7 AntiVirus | Trojan | 13.193.14818 |
| Kaspersky | not-a-virus:Downloader.Win32.4Shared | 15.0.0.543 |
| Malwarebytes | PUP.Optional.4Shared | v2015.01.31.07 |
| McAfee | 4shared | 5600.6869 |
| MicroWorld eScan | Gen:Variant.Application.Bundler.Strictor.72449 | 16.0.0.93 |
| NANO AntiVirus | Riskware.Win32.Downware.dklsuw | 0.30.0.65070 |
| Panda Antivirus | Trj/Genetic.gen | 15.01.31.07 |
| Reason Heuristics | PUP.New IT Limited | 15.1.31.7 |
| Vba32 AntiVirus | Downloader.4Shared | 3.12.26.3 |
| VIPRE Antivirus | Threat.4150696 | 36694 |
| Zillya! Antivirus | Backdoor.CPEX.Win32.30037 | 2.0.0.2049 |

File size:
43.1 KB (44,160 bytes)

Product version:
4, 0, 37, 0

Copyright:
2014 (c) PPT

Trademarks:
SST LLC.

Original file name:
breaker.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
New IT Desktop Setup

Common path:
C:\users\{user}\downloads\scooby doo and the spook...c][tls games][reidy].exe

Digital Signature
Signed by:

Authority:
Starfield Technologies, Inc.

Valid from:
11/4/2014 11:59:17 AM

Valid to:
8/15/2016 8:41:32 AM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, L=Limassol, S=Cyprus, C=CY

Issuer:
CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B6558A31AA7EB

File PE Metadata
Compilation timestamp:
12/11/2014 4:17:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
768:LxYY1An/cSsTG2lYIr/Ki0nJQUR7BSQD9MIsInTGdRb2B:qY1E8bKimJ3BSQpMIj06B

Entry address:
0x3B66

Entry point:
55, 8B, EC, 83, EC, 44, 56, FF, 15, 54, 40, 40, 00, 8B, F0, 8A, 06, 3C, 22, 74, 10, 3C, 20, 7E, 1E, 46, 80, 3E, 20, 7F, FA, EB, 16, 3C, 22, 74, 11, 46, 8A, 06, 84, C0, 75, F5, 3C, 22, 75, 07, EB, 04, 3C, 20, 7F, 07, 46, 8A, 06, 84, C0, 75, F5, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, 30, 40, 40, 00, E8, 5B, 00, 00, 00, 68, 04, 60, 40, 00, 68, 00, 60, 40, 00, E8, 32, 00, 00, 00, F6, 45, E8, 01, 59, 59, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 6A, 00, 6A, 00, FF, 15, 2C, 40, 40, 00, 50, E8, F8, FC...

Developed / compiled with:
Microsoft Visual C++

Code size:
11.5 KB (11,776 bytes)