GridinSoft Threat Intelligence

MediaGet_id1171304ids2s.exe threat report

Detected as PUP.Downloader
File reputation report

MD5: 94ee5f4d747d705d1e7894cced1c4189
Latest seen: 2021-03-07 16:46:03 (5 years ago)
First seen: 2017-05-21 17:06:02 (8 years ago)
Size: 465 KB
Publisher: MediaGet LLC
Signed by: Banner LLC

GridinSoft Anti-Malware detection

Detected by GridinSoft before you download

The current ThreatInfo record shows this exact file hash detected as PUP.Downloader. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.

Detection name: PUP.Downloader
Recommended action: Scan and remove
Last analysis: 2021-03-07 16:46:03 (5 years ago)
File hash: 94ee5f4d747d705d1e7894cced1c4189

Why it matters

Why GridinSoft flags this file

Detection

GridinSoft identifies the sample as PUP.Downloader.

Timeline

First seen 2017-05-21 17:06:02 (8 years ago); latest analysis 2021-03-07 16:46:03 (5 years ago).

Publisher context

Company metadata: MediaGet LLC. Product metadata: mediaget-installer Module.

Digital signature

Signed by Banner LLC. The signature is reported as valid, but signed files can still be bundled or abused.

Aliases

This hash has appeared under multiple file names, which can happen with repackaging, bundling, or deliberate renaming.

Observed locations

ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.

Recommended action

What to do next

  1. Compare the MD5 above with the file found on the device.
  2. Check whether the file appears in the observed locations or under one of the alternate names.
  3. Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present.

MediaGet_id1171304ids2s.exe is a Windows file recorded in the ThreatInfo database. It is associated with mediaget-installer Module. The reported company name is MediaGet LLC. The current detection status is PUP.Downloader, based on the latest analysis from 2021-03-07 16:46:03 (5 years ago).

If MediaGet_id1171304ids2s.exe appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as PUP.Downloader.

Product Name: mediaget-installer Module
Company Name: MediaGet LLC
MD5: 94ee5f4d747d705d1e7894cced1c4189
Size: 465 KB
First Published: 2017-05-21 17:06:02 (8 years ago)
Latest Published: 2021-03-07 16:46:03 (5 years ago)
Status: PUP.Downloader (on last analysis)
Analysis Date: 2021-03-07 16:46:03 (5 years ago)
MediaGet_id1171304ids2s.exe detection screenshot

The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.

Signed By: Banner LLC
Status: Valid

The signature on MediaGet_id1171304ids2s.exe is reported as valid. A valid signature helps confirm publisher identity, but it does not automatically make the file safe if the installer was bundled, abused, or downloaded from an untrusted source.

%desktop%\kullanilan programlar
%profile%\downloads
%profile%\downloads\старое
%profile%\downloads\programs
%profile%\ser\belgelerim\downloads\programs
%profile%\downloads\новая папка
%sysdrive%\........загрузки мои обо всём смотреть +++\........загрузки мои обо всём смотреть\........загрузки мои обо всём смотреть\........программы разные здесь\.....windows-10 и всё про него смотреть
%profile%
%sysdrive%
%sysdrive%\$recycle.bin

ThreatInfo has observed MediaGet_id1171304ids2s.exe in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.


This hash has been seen with multiple file names. Alternate names can appear when software is updated, copied between folders, packed by an installer, or deliberately renamed to avoid recognition. Compare the exact MD5 above before assuming two names refer to the same file.

Windows 7: 47.8%
Windows 10: 33.9%
Windows 8.1: 11.4%
Windows XP: 6.9%

The most common operating system signal for MediaGet_id1171304ids2s.exe is Windows 7 with 47.8% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.

MediaGet_id1171304ids2s.exe is identified as a PE file for 32-bit systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.

Format: pe
Architecture: 32-bit
Subsystem: Windows GUI
Entry point: 0x00135c70
Image base: 0x00400000

PE Sections:

Sections: 3
Raw data: 470528

Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.

UPX0: 0 bytes · 0.0% of section data
  Packer marker, Uncommon name
  MD5: 00000000000000000000000000000000
UPX1: 282624 bytes · 60.1% of section data
  Packer marker, Uncommon name
  MD5: 6034c02adf9e4acae9b0100039e850a4
.rsrc: 187904 bytes · 39.9% of section data
  MD5: 41173dde648370f22a6b2e32cf4b1c02

PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.

Report conclusion

GridinSoft detects this file as PUP.Downloader

This report identifies MediaGet_id1171304ids2s.exe by MD5 94ee5f4d747d705d1e7894cced1c4189. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.


Recommended next steps

  • Compare the local file MD5 with 94ee5f4d747d705d1e7894cced1c4189.
  • Check the file path, publisher, and signature against the details in this report.
  • Run a GridinSoft scan and remove the object if the same hash is found.