Home / malware PUA:Win32/4Shared
First posted on 05 July 2016.
Source: MicrosoftAliases :
There are no other names known for PUA:Win32/4Shared.
Explanation :
Installation
This application can be downloaded from websites that offer third-party software downloads. For example, we have seen it downloaded from:
- download1639.mediafire.com
- dc694.4shared.com
- dc395.4shared.com
- d1.share.az
- dc245.4shared.com
We have seen this application use the following file names:
- SaveAs.exe
- SaveAs (1).exe
- 4shared_Desktop_4.0.14.27377.exe
- SaveAs (2).exe
- XZipInst.exe
- SaveAs(1).exe
- 4shared_Desktop.exe
- 4shared_desktop_4.0.3.1.exe
- SaveAs (3).exe
It can be digitally signed by the following vendors:
- Maxiget Limited
- New IT Limited
- Luftix Limited
- MG Software
- IT MANAGEMENT GROUP LTD
We have seen this application using product names such as:
- SystemNode
- Get your downloads
- Asper
- premium
- SuperCharging
This application communicates with domains such as:
- hamster.faster-get.net
- hamster.maxiget.com
- track.getportal.net
- hamster54.com
- hamste68.com
For example:
- hamster.faster-get.net/hamster/tequila.jsp
- hamster.maxiget.com/hamster/tequila.jsp
- track.getportal.net/trackcnt/URhd5A5YunqGcfYE/?
This description was published using automated analysis.Last update 05 July 2016
