Kreapixel

Category: Adware and PUAs
Protection available since: 21 Oct 2013 22:44:46 (GMT)
Type: Unspecified PUA
Last updated: 21 Oct 2013 22:44:46 (GMT)


Kreapixel is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.

Examples of Kreapixel include:

Example 1

File Information

Size
506K
SHA-1
1176a096cfcad9d18bd3ca144c09bb7cf514b0bc
MD5
998349aea9856642a0235cd339f4aa2f
CRC-32
c14bd81c
File type
Windows executable
First seen
2013-10-17

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\SETUP.ini
    Size
    2.9K
    SHA-1
    c5f9e3c050883ea428c82b86d283e556c4518b84
    MD5
    cac1e24e2144d51afe4ce1d0ab34730f
    CRC-32
    91c69652
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-10-16
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    GlobalUserOffline
    0x00000000
HTTP Requests
  • http://softs.illyx.com/setup/dlini.php
  • http://softs.illyx.com/setup/ressources/commun/fr/decline.png
  • http://softs.illyx.com/setup/ressources/commun/fr/installer.png
  • http://softs.illyx.com/setup/ressources/commun/fr/okPopup.png
  • http://softs.illyx.com/setup/ressources/commun/fr/suivant.png
  • http://softs.illyx.com/setup/ressources/webplayer/air_logo.png
DNS Requests
  • softs.illyx.com

Example 2

File Information

Size
512K
SHA-1
bd7950b4e36d622fcd38e904191afd21ed224b7c
MD5
ecadeec56528539bc03855b410d0eb17
CRC-32
1ee41a33
File type
Windows executable
First seen
2013-10-02

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\decline.png
    Size
    1.8K
    SHA-1
    3e8ad3f21bb96611f55b09b39095df352d6eb1b1
    MD5
    2753fc42f37df72e217d57b6f95d8308
    CRC-32
    e2e8b0fc
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-15
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\cancelPopup.png
    Size
    1.7K
    SHA-1
    8090e9bf9335d13b7734497e1b95a9c3c874dafe
    MD5
    53423902afe3c110541627ab23e5f6ef
    CRC-32
    03edbf59
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-15
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\okPopup.png
    Size
    1.7K
    SHA-1
    136d546f302b5a4fc34117142e4fb30d67a59965
    MD5
    3896405e3d106c2f10aa959074adf590
    CRC-32
    ac935199
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-15
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\next.png
    Size
    1.8K
    SHA-1
    b464f80ce255af4db1374f97f80d90a29dfb500a
    MD5
    88ff27aae9d1765f94885c77707d306d
    CRC-32
    8e751dd7
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-21
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\close.png
    Size
    188
    SHA-1
    fcfb3d00816b8f202613f427731828359e6d2796
    MD5
    4db8c4e7043b4da3d2985b85c01d29a4
    CRC-32
    d61d3b28
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-15
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\logo.png
    Size
    6.9K
    SHA-1
    d1e5acd23b81db45a083572f74203936324b7411
    MD5
    0c0416a9f979824bd340fc4c189ba868
    CRC-32
    f0835c0c
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-17
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\installer.png
    Size
    2.1K
    SHA-1
    11c55143957bbeca92b4b4e22425841e07311e83
    MD5
    ae1d6fdaa1649a4c5989a2139efd3ebf
    CRC-32
    60924432
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-21
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\SETUP.ini
    Size
    1.8K
    SHA-1
    de3cf81b3d0443305b5eabae0530d573c2220ed3
    MD5
    f56ed5b2d7a05e8701531a4c4c6f24a7
    CRC-32
    30792829
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-10-02
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    GlobalUserOffline
    0x00000000
HTTP Requests
  • http://softs.illyx.com/setup/dlini.php
  • http://softs.illyx.com/setup/ressources/commun/close.png
  • http://softs.illyx.com/setup/ressources/commun/us/cancelPopup.png
  • http://softs.illyx.com/setup/ressources/commun/us/decline.png
  • http://softs.illyx.com/setup/ressources/commun/us/installer.png
  • http://softs.illyx.com/setup/ressources/commun/us/okPopup.png
  • http://softs.illyx.com/setup/ressources/commun/us/suivant.png
  • http://softs.illyx.com/setup/ressources/webplayer/logo.png
DNS Requests
  • softs.illyx.com

Example 3

File Information

Size
512K
SHA-1
dca542f85dcb329ffb9ac9ef3a416449f8c2f064
MD5
91d9d3e93b0a756787842efa31e61000
CRC-32
87a62488
File type
Windows executable
First seen
2013-10-17

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\SETUP.ini
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\okPopup.png
    Size
    1.7K
    SHA-1
    136d546f302b5a4fc34117142e4fb30d67a59965
    MD5
    3896405e3d106c2f10aa959074adf590
    CRC-32
    ac935199
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-15
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\cancelPopup.png
    Size
    1.7K
    SHA-1
    8090e9bf9335d13b7734497e1b95a9c3c874dafe
    MD5
    53423902afe3c110541627ab23e5f6ef
    CRC-32
    03edbf59
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-15
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\logo.png
    Size
    6.9K
    SHA-1
    d1e5acd23b81db45a083572f74203936324b7411
    MD5
    0c0416a9f979824bd340fc4c189ba868
    CRC-32
    f0835c0c
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-17
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\decline.png
    Size
    1.8K
    SHA-1
    3e8ad3f21bb96611f55b09b39095df352d6eb1b1
    MD5
    2753fc42f37df72e217d57b6f95d8308
    CRC-32
    e2e8b0fc
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-15
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\installer.png
    Size
    2.1K
    SHA-1
    11c55143957bbeca92b4b4e22425841e07311e83
    MD5
    ae1d6fdaa1649a4c5989a2139efd3ebf
    CRC-32
    60924432
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-21
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\next.png
    Size
    1.8K
    SHA-1
    b464f80ce255af4db1374f97f80d90a29dfb500a
    MD5
    88ff27aae9d1765f94885c77707d306d
    CRC-32
    8e751dd7
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-21
  • c:\Documents and Settings\test user\Local Settings\Temp\__TEMPWEBPLAYER__\close.png
    Size
    188
    SHA-1
    fcfb3d00816b8f202613f427731828359e6d2796
    MD5
    4db8c4e7043b4da3d2985b85c01d29a4
    CRC-32
    d61d3b28
    File type
    PNG (Portable Network Graphics) image format
    First seen
    2013-08-15
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    GlobalUserOffline
    0x00000000
HTTP Requests
  • http://css3-mediaqueries-js.googlecode.com/svn/trunk/css3-mediaqueries.js
  • http://html5shim.googlecode.com/svn/trunk/html5.js
  • http://softs.illyx.com/setup/dlini.php
  • http://softs.illyx.com/setup/ressources/commun/close.png
  • http://softs.illyx.com/setup/ressources/commun/us/cancelPopup.png
  • http://softs.illyx.com/setup/ressources/commun/us/decline.png
  • http://softs.illyx.com/setup/ressources/commun/us/installer.png
  • http://softs.illyx.com/setup/ressources/commun/us/okPopup.png
  • http://softs.illyx.com/setup/ressources/commun/us/suivant.png
  • http://softs.illyx.com/setup/ressources/webplayer/logo.png
  • http://www.webplayer.tv/conditions3.php
  • http://www.webplayer.tv/css/reset.css
DNS Requests
  • css3-mediaqueries-js.googlecode.com
  • html5shim.googlecode.com
  • softs.illyx.com
  • www.webplayer.tv
