sum41 - with me.exe

premium

New IT Limited

This is a bundle installer that packages applications with offers for additional third-party software, mostly unwanted adware, which may be installed with minimal consent. The application sum41 - with me.exe by New IT Limited has been detected as adware by 14 anti-malware scanners. The program is a setup application that uses the New IT Desktop Setup installer. It installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.

Publisher: C (signed by New IT Limited)
Product: premium
Description: DWD
Version: 3, 3, 6, 0
MD5: be4a6ada9b12529454e7853ba4bacaba
SHA-1: 0035ae2ef7825561c10d750c0cfe8a1b5a9c3f20
SHA-256: 5e6b2500c817317ef3bc59cb285af4ff3b5e93158131e24bba7cda9d0e8314cb
Scanner detections: 14 / 68
Status: Adware

Description: This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date: 4/19/2024 8:46:28 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Application.Bundler.4 | 928 |
| Agnitum Outpost | PUA.4Shared | 7.1.1 |
| Avira AntiVirus | APPL/Downloader.Gen | 7.11.163.92 |
| avast! | Win32:FourShared-D [PUP] | 140617-1 |
| Bitdefender | Gen:Variant.Application.Bundler.4 | 1.0.20.1015 |
| ESET NOD32 | Win32/4Shared.R potentially unwanted application | 7.0.302.0 |
| F-Secure | Gen:Variant.Application.Bundler | 11.2014-22-07_3 |
| G Data | Gen:Variant.Application.Bundler | 14.7.24 |
| Malwarebytes | PUP.Optional.4shared | v2014.07.22.08 |
| MicroWorld eScan | Gen:Variant.Application.Bundler.4 | 15.0.0.609 |
| NANO AntiVirus | Trojan.Win32.Bundler.daylvr | 0.28.2.60990 |
| Panda Antivirus | Trj/Genetic.gen | 14.07.22.08 |
| Reason Heuristics | PUP.NewITLimited.P | 14.7.22.8 |
| VIPRE Antivirus | Threat.4150696 | 31208 |

File size: 354.7 KB (363,224 bytes)
Product version: 3, 3, 6, 0
Copyright: 2014
Trademarks: -
File type: Executable application (Win32 EXE)
Bundler/Installer: New IT Desktop Setup
Language: Language Neutral
Common path: C:\users\{user}\downloads\sum41 - with me.exe

Digital Signature
Signed by:
Authority: GoDaddy.com, Inc.
Valid from: 12/30/2013 5:33:53 AM
Valid to: 12/30/2016 5:33:53 AM
Subject: CN=New IT Limited, O=New IT Limited, L=Nicosia, S=Nicosia, C=CY
Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Serial number: 04225A281DFF69

File PE Metadata
Compilation timestamp: 3/14/2014 2:55:15 PM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 9.0
CTPH (ssdeep): 6144:XX+UGeqxiPqEgFO5P50yMdWvDtUjK1hzqMzMGTP8WequMw:XuUGe8EgFO5CymWZAkdD3equf
Entry address: 0x23594

Entry point:
E8, 53, 8B, 00, 00, E9, 78, FE, FF, FF, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C, 24, 04...
 

Code size: 218.5 KB (223,744 bytes)
