Live Soft Action

Category: Adware and PUAs
Type: Adware
Protection available since: 29 Jan 2014 23:38:48 (GMT)
Last updated: 03 Mar 2015 02:27:40 (GMT)


Examples of Live Soft Action include:

Example 1

File Information

Size: 611K
SHA-1: 0004cf9a19aa68a5153255f07dea911496b13070
MD5: cad399da8fac22d7e8be8387c58713ab
CRC-32: 4bef613e
File type: Windows executable
First seen: 2014-01-28

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\Tempdir\Downloader.log
Registry Keys Created
HTTP Requests
DNS Requests
  • cdn-appserver.appscion.com
  • geoloc.appscion.com
  • setup.appscion.com
  • www.google-analytics.com

Example 2

File Information

Size: 611K
SHA-1: 002e198611def272e084ccf9690424622c84d91e
MD5: 5d9241f24e3f1c84b1c72f06f0161054
CRC-32: 8cd0eaa8
File type: Windows executable
First seen: 2014-01-16

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\Tempdir\Downloader.log
Registry Keys Created
HTTP Requests
DNS Requests
  • cdn-appserver.appscion.com
  • geoloc.appscion.com
  • setup.appscion.com
  • www.google-analytics.com

Example 3

File Information

Size: 611K
SHA-1: 0061aa44ed133bc7ad3234df3a01815c47ecb247
MD5: 8d30318411e8fb9ea1d2fb5263ec1f6d
CRC-32: 07d2dc04
File type: Windows executable
First seen: 2014-01-26

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\Tempdir\Downloader.log
Registry Keys Created
HTTP Requests
DNS Requests
  • cdn-appserver.appscion.com
  • geoloc.appscion.com
  • setup.appscion.com
  • www.google-analytics.com
