Gridinsoft Logo
File Icon

Mediaget.exe PUP MediaGet Analysis

Updated 1 year ago
Checked by Malware Check
mediaget.exe

Technical Analysis

File Name mediaget.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.169.174
Database Version 2024-03-21 18:00:32 UTC

PUP.Win32.MediaGet.sd!c

Malware family: MediaGet

MediaGet is a torrent application often distributed without clear user consent through software bundling or questionable download sources. It enables torrent file downloading which may involve copyright infringement.
N/A
Detection Rate
12,488,488
File Size (bytes)
2024-03-21
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
c810f122925985f1e5a5c3530f6e057c
SHA1
1e3b466f555e2412865e95b9695bae32973d160d
SHA256
42bee7cc964e6d4b3534b430251082750832ff7e9022a22d71421853f44ba714
SHA512
ef9363ab2867f88dbade5d7b4f7a1cd0320a6b01fc04811a95571b0ffc3dca6a58c8da1b5d2b55959ef75c6745807719b7e6b310bd92c6111d47a6fba18a2c2d
ImpHash
1f165e24f21e58132d8c8f97d606602e

PE Analysis

Basic Information

Icon
Hash: 7b7465b7c4721f9439585976b904ae04
Fuzzy: c58cd349d56b672d7914f73da73388b3
dHash: f0c692b33296dcf0
Image Base 0x00400000
Entry Point 0x007ee810
Compilation Time 2023-11-14 12:24:42
Checksum 0x00bf5bb5 (Actual: 0x00bf5bb5)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path C:\mediaget\mediaget-sources-release\release\mediaget.pdb
Digital Signature OK
Imports 52 libraries
Exports 1 functions
Resources 9 Resources
Sections 5 Sections

Version Information

Comments MediaGet torrent client
CompanyName MediaGet
FileDescription MediaGet torrent client
FileVersion
InternalName mediaget
LegalCopyright Copyright © 2020 MediaGet
OriginalFilename mediaget
PrivateBuild 0
ProductName MediaGet
ProductVersion
SpecialBuild 0
Translation 0x0009 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 4,601,418 bytes 4,601,856 bytes 6.38 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ E633A818377A62F0F31D486249E348AE
.rdata 0x00465000 7,101,592 bytes 7,101,952 bytes 7.13 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 27E1005F9074F03FD3003974F978EAE2
.data 0x00b2b000 225,124 bytes 201,728 bytes 5.09 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 35FC38CDBDB00854112274F6CC0701CB
.rsrc 0x00b62000 131,232 bytes 131,584 bytes 5.95 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 38DF34E2070D68C1B8B08DEAD2ACA2EB
.reloc 0x00b83000 429,492 bytes 429,568 bytes 6.74 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ C187953C2FCB23D3CD0DA040CA00E10A
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 9 (130,642 bytes)
Resource Type Count Total Size Percentage
RT_ICON 6 128,660 bytes
98.5%
RT_GROUP_ICON 1 90 bytes
0.1%
RT_VERSION 1 824 bytes
0.6%
RT_MANIFEST 1 1,068 bytes
0.8%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

OK

PUP.Win32.MediaGet.sd!c Removal

Gridinsoft has the capability to identify and eliminate PUP.Win32.MediaGet.sd!c without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware