Vittalia

Category: Adware and PUA
Protection available since: 04 Oct 2013 16:08:02 (GMT)
Type: Adware
Last updated: 21 Apr 2014 23:24:42 (GMT)

Examples of Vittalia include:

Example 1

File Information

Size
38K
SHA-1
0049acfc80efbc2326fd50063da38fad1d44361f
MD5
d69bd996299a7c343406be4b883f03cb
CRC-32
9290ed7c
File type
Windows executable
First seen
2014-01-21

Example 2

File Information

Size
4.6M
SHA-1
039a9bbddcacd115b75d1a5f2c5429fa2e45f763
MD5
e9a77d6ff5272d52f1218aa736ea0014
CRC-32
35a2f182
File type
application/x-ms-dos-executable
First seen
2014-04-18

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\bubbledock_image1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ajax_loader.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\square_aartemis.bmp
    Size
    2.4K
    SHA-1
    d23712ad137998c6466effe90f45a6ca2abb6009
    MD5
    3bb9395cc61a1a5d58efaa5f3d606ac9
    CRC-32
    9af90b7b
    File type
    Device-independent bitmap (DIB) file
    First seen
    2014-02-21
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\nsURL.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\moviemode-logo.bmp
    Size
    45K
    SHA-1
    e7ac1ba6b7147be61caf3fe997c1d0e1ae479de0
    MD5
    0939042b517e366b0879f9ead5fbd89c
    CRC-32
    9b8fc5b2
    File type
    image/x-bmp
    First seen
    2014-03-24
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\version.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\mockup_softwareupdater.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\freesofttoday_image1_pl.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\freesofttoday_image1_en.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_falcon.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\hao123_image1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\moreinfo_offerbox.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\freesofttoday_image1_pt.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\tkDecript.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\irobinhood_image1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\freesofttoday_image1_jp.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\moreinfo_boxore.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_irobinhood.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\freesofttoday_image1_it.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\falcon_image1.bmp
  • c:\Documents and Settings\test user\Local Settings\Application Data\temp\8454Installer.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\instloffer.exe
    Size
    617K
    SHA-1
    e43040a473cf7007b7328f6f3f87a2b51e90e6b6
    MD5
    ffee420db826bf84df7d614a3c576d5c
    CRC-32
    c7ed400c
    File type
    Windows executable
    First seen
    2014-03-25
  • c:\Documents and Settings\test user\Local Settings\Temp\square_vuupc.bmp
  • c:\Documents and Settings\test user\Local Settings\Application Data\temp\8454fondo.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\license.rtf
  • c:\Documents and Settings\test user\Local Settings\Temp\freesofttoday_image1_tr.bmp
  • c:\Documents and Settings\test user\Local Settings\Application Data\temp\8454header.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\freesofttoday_image1_fr.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\3dboxes_pcspeedup.bmp
  • c:\Documents and Settings\test user\Local Settings\Application Data\temp\8454Installer.INI
  • c:\Documents and Settings\test user\Local Settings\Temp\freesofttoday_image1_es.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\config.xml
  • c:\Documents and Settings\test user\Local Settings\Temp\moreinfo_driverscanner.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\logo_pcspeedup.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\optimizerpro_image1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\pricemeter_image.bmp
    Size
    303K
    SHA-1
    9bb5949d5c0cc1e9a843ad35b06ec2a3bcee23de
    MD5
    96d0237d6a15dd73b6cd80744704f249
    CRC-32
    9d0c4b2f
    File type
    Device-independent bitmap (DIB) file
    First seen
    2014-03-21
  • c:\Documents and Settings\test user\Local Settings\Temp\lollipop_moreinfo.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_mypcbackup.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_baseflash.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\modern-header.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_lollipop.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_utilsbar.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\richtext1.rtf
  • c:\Documents and Settings\test user\Local Settings\Temp\mypcbackup_image1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\tubedimmer_logo.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\ButtonEvent.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\nsDialogs.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\square_bubbledock.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_webstroller_softpublisher.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\modern-wizard.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_tubedimmer.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_passwidget.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\logo-kingbrowse.bmp
    Size
    43K
    SHA-1
    187ba39c07a79b9d90e38b03726b58e4ea6ce4f4
    MD5
    84fbffbfa20abd60a6181cf4b1511200
    CRC-32
    3e283a3a
    File type
    image/x-bmp
    First seen
    2014-03-25
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\passwidget_image3.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\nsm3.tmp\nsArray.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\rocketmediaplayer_sample.bmp
    Size
    394K
    SHA-1
    c12deb9424dd866f3b8ec7b10cff19ebf18e0700
    MD5
    f3496796facfc0853ce1afedf9cd9bb1
    CRC-32
    251797e9
    File type
    Device-independent bitmap (DIB) file
    First seen
    2014-03-26
  • c:\Documents and Settings\test user\Local Settings\Temp\moviemode-sample.bmp
    Size
    149K
    SHA-1
    d9ec5265127c6a4a5d307d4467c4edfa47af802b
    MD5
    e615c7b6069fd37dc0e6b53e9c42f37c
    CRC-32
    d2b95ff6
    File type
    image/x-bmp
    First seen
    2014-03-24
  • c:\Documents and Settings\test user\Local Settings\Temp\square_boxore_tp.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\mypcbackup_title.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_vbates.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_saveclicker.bmp
    Size
    1.5K
    SHA-1
    a7ce2fc71e53b2ace0faf5394e736fbae147f80d
    MD5
    809507e59f7ba1f27338168f1643bef1
    CRC-32
    4b56e79f
    File type
    Device-independent bitmap (DIB) file
    First seen
    2014-03-13
  • c:\Documents and Settings\test user\Local Settings\Temp\optimizerpro_title.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\pcfaster_logo.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_offerbox.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_sharpsavings.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\systemspeedup_image.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\pricepeep_logo.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_pcfaster.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_pcspeedup.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\searchprotect_whitesmoke_text.rtf
    Size
    3.0K
    SHA-1
    c640fb09b9027921acbfab59200f91bcdc1561a9
    MD5
    218443777438eba037b633030e67b7f7
    CRC-32
    17ee9ad2
    File type
    Rich Text Format (RTF)
    First seen
    2014-03-12
  • c:\Documents and Settings\test user\Local Settings\Temp\square_pricepeep.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_driverscanner.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\optimizerpro_name.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\snapdo_terms.rtf
  • c:\Documents and Settings\test user\Local Settings\Temp\square_gputemp.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\sharpsavings_image1.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\tubedimmer_sample.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_freesofttoday.bmp
    Size
    2.4K
    SHA-1
    0678bf2c2209c04a78a1e8b01c6542b6372cb7e1
    MD5
    ac70f12c9d1b66ba1a647a15f68b969e
    CRC-32
    64aff1d6
    File type
    Device-independent bitmap (DIB) file
    First seen
    2014-02-05
  • c:\Documents and Settings\test user\Local Settings\Temp\square_boxore.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\tb_utilsbar.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_moviemode.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_optimizerpro.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\square_softwareupdater.bmp
Registry Keys Created
  • HKLM\SOFTWARE\Vittalia\AxtanInstaller
    enduser_id
    67810885
Processes Created
  • c:\Documents and Settings\test user\local settings\application data\temp\8454installer.exe
HTTP Requests
  • http://xmlinstcp.eebbvt.eu/cmd/api.php
  • http://xmlinstcp.eebbvt.eu/cmd/geo.php
  • http://xmlinstcp.eebbvt.eu/cmd/report.php
DNS Requests
  • xmlinstcp.eebbvt.eu

Example 3

File Information

Size
39K
SHA-1
1b0874ee3adb3cf700de0905c96d814e949b1bca
MD5
8656dd2f63967b0d29fe1c65da196684
CRC-32
cc90c332
File type
Windows executable
First seen
2013-12-29
