Live Soft Action

Category: Adware and PUAs
Protection available since: 29 Jan 2014 23:38:48 (GMT)
Type: Adware
Last updated: 29 Jan 2014 23:38:48 (GMT)


Examples of Live Soft Action include:

Example 1

File Information

Size
611K
SHA-1
0004cf9a19aa68a5153255f07dea911496b13070
MD5
cad399da8fac22d7e8be8387c58713ab
CRC-32
4bef613e
File type
Windows executable
First seen
2014-01-28

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\Tempdir\Downloader.log
    Size
    86
    SHA-1
    5f0a50114f7440b031a8023abf0a0de73d60c950
    MD5
    e6a435549622065d3d0ce53160166592
    CRC-32
    6ddc4880
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-01-28
Registry Keys Created
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\ProxyStubClsid32
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\LocalServer32
    (Default)
    "c:\test_item.exe"
  • HKCR\Setup.Application\CLSID
    (Default)
    {017E057B-DACF-4A07-B878-E294565E3F90}
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014012820140129
    CacheRepair
    0x00000000
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\0\win32
    (Default)
    c:\test_item.exe
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\TypeLib
    Version
    1.0
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\InprocHandler32
    (Default)
    ole32.dll
  • HKCR\Setup.Application
    (Default)
    Setup.Application
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\FLAGS
    (Default)
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}
    (Default)
    Setup.Application
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\ProgID
    (Default)
    Setup.Application
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
    (Default)
    ISetup
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0
    (Default)
    Setup
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\ProxyStubClsid
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\HELPDIR
    (Default)
  • HKCU\Software\Appscion
    AppInstanceUid
    072DE869-0D27-4CCC-90EE-58151ADA24C5
HTTP Requests
DNS Requests
  • cdn-appserver.appscion.com
  • geoloc.appscion.com
  • setup.appscion.com
  • www.google-analytics.com

Example 2

File Information

Size
610K
SHA-1
011b607219f19cbd738f757e23ffebe35cd0b648
MD5
24f76d4985dbff6b60ae66d0f518b485
CRC-32
7e6bb0ff
File type
Windows executable
First seen
2014-01-27

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\Tempdir\Downloader.log
    Size
    87
    SHA-1
    11eecf5572cd523b4103ccb59fb921ec5f0541cc
    MD5
    20ecc9afaacaf4423f0bd408863a19f2
    CRC-32
    b7ab5bde
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-01-27
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014012720140128
    CacheRepair
    0x00000000
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\LocalServer32
    (Default)
    "c:\test_item.exe"
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\FLAGS
    (Default)
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
    (Default)
    ISetup
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0
    (Default)
    Setup
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\InprocHandler32
    (Default)
    ole32.dll
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\HELPDIR
    (Default)
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\ProxyStubClsid
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\TypeLib
    Version
    1.0
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\0\win32
    (Default)
    c:\test_item.exe
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\ProxyStubClsid32
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\ProgID
    (Default)
    Setup.Application
  • HKCU\Software\Appscion
    AppInstanceUid
    8E4750D3-F1D2-4B14-8AA0-0C1FB07517B4
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}
    (Default)
    Setup.Application
  • HKCR\Setup.Application
    (Default)
    Setup.Application
  • HKCR\Setup.Application\CLSID
    (Default)
    {017E057B-DACF-4A07-B878-E294565E3F90}
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    test_item.exe
HTTP Requests
DNS Requests
  • cdn-appserver.appscion.com
  • geoloc.appscion.com
  • setup.appscion.com
  • www.google-analytics.com

Example 3

File Information

Size
611K
SHA-1
01284e6a4cb43ce49b11724c18d5a7d00818af9f
MD5
79346657d0a815b39bad1145cefe6dc0
CRC-32
bb664c5f
File type
Windows executable
First seen
2014-01-29

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\Tempdir\Downloader.log
Registry Keys Created
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0
    (Default)
    Setup
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\FLAGS
    (Default)
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
    (Default)
    ISetup
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\LocalServer32
    (Default)
    "c:\test_item.exe"
  • HKCU\Software\Appscion
    AppInstanceUid
    FBAB808C-49AC-4DF5-BD71-58A3BA46F8BD
  • HKCR\Setup.Application
    (Default)
    Setup.Application
  • HKCR\Setup.Application\CLSID
    (Default)
    {017E057B-DACF-4A07-B878-E294565E3F90}
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\ProgID
    (Default)
    Setup.Application
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\ProxyStubClsid32
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}
    (Default)
    Setup.Application
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\0\win32
    (Default)
    c:\test_item.exe
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\TypeLib
    Version
    1.0
  • HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}\ProxyStubClsid
    (Default)
    {00020420-0000-0000-C000-000000000046}
  • HKCR\CLSID\{017E057B-DACF-4A07-B878-E294565E3F90}\InprocHandler32
    (Default)
    ole32.dll
  • HKCR\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}\1.0\HELPDIR
    (Default)
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014012920140130
    CacheRepair
    0x00000000
HTTP Requests
DNS Requests
  • cdn-appserver.appscion.com
  • geoloc.appscion.com
  • setup.appscion.com
  • www.google-analytics.com
