WISEN WIZARD

Kategorie: Adware und PUAs Schutz verfügbar seit:13 Mai 2014 19:52:40 (GMT)
Typ: Unspecified PUA Zuletzt aktualisiert:18 Jun 2014 00:33:25 (GMT)

Download Kostenloses Virus Removal Tool downloaden – Finden Sie Bedrohungen, die Ihre Virenschutzsoftware übersehen hat

Examples of WISEN WIZARD include:

Example 1

File Information

Size
228K
SHA-1
63fabe607529876dd229697ae5fe36a810ebebfd
MD5
8d787cada2b19d3e38f17b2e086a7590
CRC-32
f323bdd1
File type
Windows executable
First seen
2014-01-28

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf3.tmp\nsJSON.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf3.tmp\nsExec.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\ilg
    Size
    27K
    SHA-1
    5387eb101fcc7cd3d9036f9de6610529803c94a5
    MD5
    b96f290948ec1000d0009ee3ceed8076
    CRC-32
    02a1f271
    File type
    application/octet-stream
    First seen
    2014-05-08
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf3.tmp\WmiInspector.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf3.tmp\IpConfig.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf3.tmp\UserInfo.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf3.tmp\inetc.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf3.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsf3.tmp\NSISEncrypt.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\wisen wizard\lm
    Size
    44
    SHA-1
    29943150b9034de5053bb4e5d47a5893750afcb6
    MD5
    e1c9f5515b178cd319b6d74e1af4b009
    CRC-32
    e2ff2e60
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-13
Processes Created
  • c:\docume~1\support\locals~1\temp\nsf3.tmp\ns4.tmp
  • c:\docume~1\support\locals~1\temp\nsf3.tmp\ns5.tmp
HTTP Requests
  • http://install.wisenwizard.net/fp
  • http://install.wisenwizard.net/ii
  • http://install.wisenwizard.net/mg
DNS Requests
  • install.wisenwizard.net

Example 2

File Information

Size
234K
SHA-1
0e99a6c245cfe0892aa24cd6af80fea553f371c5
MD5
522914e7bb5c8a227a0bd3e6e4c3fa43
CRC-32
b2d4ebf7
File type
application/x-ms-dos-executable
First seen
2014-06-13

Runtime Analysis

Registry Keys Created
  • HKLM\SYSTEM\CurrentControlSet\Services
    Tag
    0x00000010
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Control\GroupOrderList
    PNP_TDI
    10 00 00 00 05 00 00 00 01 00 00 00 02 00 00 00 03 00 00 00 04 00 00 00 10 00 00 00 0b 00 00 00 0c 00 00 00 09 00 00 00 0a 00 00 00 08 00 00 00 06 00 00 00 07 00 00 00 0d 00 00 00 0e 00 00 00 0f 00 00 00

Example 3

File Information

Size
101K
SHA-1
1b787a4b7a0796ede214a9d0e3fbafc0883b035b
MD5
07a069543429e9510c45f51f37636b35
CRC-32
f78cf3e3
File type
Windows executable
First seen
2007-09-19

Download Sophos Produkte kostenlos testen
Jetzt downloaden