InstallBrain

Category: Adware and PUAs
Protection available since: 19 Oct 2012 23:28:06 (GMT)
Type: Unspecified PUA
Last Updated: 10 Apr 2013 00:22:36 (GMT)


InstallBrain is an installer that bundles legitimate applications with offers for additional third-party applications that the user may not want. Such third-party applications are typically installed onto users’ computers by default, but may include an option to ‘opt out’ during or after the installation process.

Examples of InstallBrain include:

Example 1

File Information

Size: 557K
SHA-1: 0000768bfe175fc4cc26d0d802ea035c047ece6a
MD5: f9726c001abe329ba7d8e5e77600b2f8
CRC-32: 3df58309
File type: Windows executable
First seen: 2012-10-15

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\wall2go333317.exe
Dropped Files
HTTP Requests
  • http://bootstrap1-639932975.us-east-1.elb.amazonaws.com/installer/bootstrap.php
  • http://d2qsma9t6l5kt7.cloudfront.net/components/SavingsSidekickR_v1.cf
  • http://s3.amazonaws.com/installbrain/bootstrap/164/start.cf
  • http://s3.amazonaws.com/installbrain/bootstrap/164/startgui.cf
  • http://s3.amazonaws.com/installbrain/components/SearchalgoMngr_v5.cf
  • http://s3.amazonaws.com/www.bit89.com/download/wall2go/Wall2Go.NetSetup.exe
DNS Requests
  • bootstrap1-639932975.us-east-1.elb.amazonaws.com
  • d2qsma9t6l5kt7.cloudfront.net
  • s3.amazonaws.com
  • stats1-1013604270.us-east-1.elb.amazonaws.com

Example 2

File Information

Size: 579K
SHA-1: 0001b7096470188137ae202c37fbe0f10b7804e8
MD5: 4fda4d75cb836a96c419e74811592efc
CRC-32: abb817bd
File type: Windows executable
First seen: 2012-10-12

Runtime Analysis

HTTP Requests
  • http://bootstrap1-639932975.us-east-1.elb.amazonaws.com/installer/bootstrap.php
DNS Requests
  • bootstrap1-639932975.us-east-1.elb.amazonaws.com

Example 3

File Information

Size: 579K
SHA-1: 0002e38de71d66cd1b75a0f22acc6b2e7f754070
MD5: 67e880a0644c12e53ed00a90c489a99e
CRC-32: 0480b2c7
File type: Windows executable
First seen: 2012-10-12

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\ZoolaGames Setup313312.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\2.tmp
    Size: 4.6K
    SHA-1: f8a1caba4d49eb90beb10dfb9f4557a3312d4dc1
    MD5: e22e07f32c85cb569313a3d9e407d200
    CRC-32: 410c930b
    File type: Extensible Markup Language (XML)
    First seen: 2012-09-04
HTTP Requests
  • http://bootstrap1-639932975.us-east-1.elb.amazonaws.com/installer/bootstrap.php
  • http://s3.amazonaws.com/installbrain/bootstrap/383/start.cf
DNS Requests
  • bootstrap1-639932975.us-east-1.elb.amazonaws.com
  • s3.amazonaws.com
