DirectDownloader

Category: Adware and PUAs
Protection available since: 18 Jul 2013 22:06:29 (GMT)
Type: Unspecified PUA
Last updated: 16 Sep 2013 20:19:56 (GMT)


DirectDownloader is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.

Examples of DirectDownloader include:

Example 1

File Information

Size: 819K
SHA-1: 2218c6cd01cfb3a57a0062d8487ba9e30bd79187
MD5: 7012f3339baef6f8d6b8089f1549e998
CRC-32: b7c188b8
File type: Windows executable
First seen: 2013-07-18

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\startnow.exe
  • c:\Documents and Settings\test user\Local Settings\Application Data\DirectDownloader\directdownloader.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\optimizer.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\DirectDownloaderInstaller.exe
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\netsh.exe
HTTP Requests
  • http://www.directdownloader.com/DirectDownloaderInstaller.exe
  • http://www.directdownloader.com/toolbars/optimizer.exe
  • http://www.directdownloader.com/toolbars/startnow.exe
DNS Requests
  • www.directdownloader.com

Example 2

File Information

Size: 787K
SHA-1: a19b62113cc93349c5e4fd7181572a6d48fa520b
MD5: cbaf3a0f6f00b9a69ded4f3e110b8c85
CRC-32: 4a339f4f
File type: Windows executable
First seen: 2013-01-31

Example 3

File Information

Size: 829K
SHA-1: adc9231722042e27f2077375642543fc54c0c35a
MD5: 68774d6dbbc1d317a0d5a81071a65cb4
CRC-32: 1ec8fde0
File type: Windows executable
First seen: 2013-07-10

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\DirectDownloaderInstaller.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\yontoo.exe
  • c:\Documents and Settings\test user\Local Settings\Application Data\DirectDownloader\directdownloader.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\optimizer.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\babylon.exe
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\netsh.exe
HTTP Requests
  • http://www.directdownloader.com/DirectDownloaderInstaller.exe
  • http://www.directdownloader.com/toolbars/babylon.exe
  • http://www.directdownloader.com/toolbars/optimizer.exe
  • http://www.directdownloader.com/toolbars/yontoo.exe
DNS Requests
  • www.directdownloader.com
