1 Click Downloader

Catégorie: Adwares et PUA Protection disponible depuis:28 janv. 2014 04:39:47 (GMT)
Type: Adware Dernière mise à jour :01 sept. 2014 19:15:09 (GMT)

Download Téléchargez notre outil gratuit de suppression des virus - Découvrez ce que votre antivirus actuel n'a pas su détecter

Examples of 1 Click Downloader include:

Example 1

File Information

Size
480K
SHA-1
0472761b15bdf3eb5b193c284e3e384bd887ab78
MD5
3695b315280bb2d6739fdfd1172047f3
CRC-32
7b582d37
File type
Windows executable
First seen
2013-07-09

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\1clogo.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\load_4.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\dAg
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\side.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\nsDialogs.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\accept3.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\accept.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skip.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\decline.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\accept1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\accept2.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\back_dis.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\close.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\accept0.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\locate.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\gCD
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\accept_disabled.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\inetc3.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\back.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\bmidt.txt
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\complist.txt
Registry Keys Created
  • HKCR\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    id0
    03032014
  • HKCU\Software\1ClickDownload
    LastInstall3
    30357204
HTTP Requests
  • http://data.torntv.net/country.asp
  • http://torntvz.net/ping.php
DNS Requests
  • data.torntv.net
  • torntvz.net

Example 2

File Information

Size
468K
SHA-1
081e0d9b275e9f275594179ffcd2d60f19620268
MD5
08e51dd8883f08cd52bb15cbda08c704
CRC-32
52cc1084
File type
Windows executable
First seen
2013-07-09

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\dAg
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\accept.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\1clogo.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\accept0.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\accept2.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\accept3.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\gCD
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\accept_disabled.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\back_dis.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\accept1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\load_4.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\decline.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\back.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\locate.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\inetc3.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\skip.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\close.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\bmidt.txt
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\side.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\complist.txt
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm4.tmp\nsDialogs.dll
Registry Keys Created
  • HKCU\Software\1ClickDownload
    LastInstall3
    30356406
  • HKCR\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    id0
    27022014
HTTP Requests
  • http://data.torntv.net/country.asp
  • http://torntvz.net/ping.php
DNS Requests
  • data.torntv.net
  • torntvz.net

Example 3

File Information

Size
480K
SHA-1
0a0794580eba80309b6597f3336d577e2c3e9c28
MD5
8dacd6a91a1616ccc410c4ebc9af31bb
CRC-32
f79f40da
File type
Windows executable
First seen
2013-07-09

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\bmidt.txt
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\accept1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\accept3.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\skip.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\back.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\close.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\back_dis.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\locate.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\decline.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\nsDialogs.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\load_4.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\inetc3.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\complist.txt
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\side.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\1clogo.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\accept.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\accept0.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\accept2.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\gCD
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\accept_disabled.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsc4.tmp\dAg
Registry Keys Created
  • HKCR\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    id0
    02032014
  • HKCU\Software\1ClickDownload
    LastInstall3
    30356993
HTTP Requests
  • http://data.torntv.net/country.asp
  • http://torntvz.net/ping.php
DNS Requests
  • data.torntv.net
  • torntvz.net

download Essayez les produits Sophos gratuitement
Téléchargez maintenant