AdPeak

Category: Adware and PUAs
Type: Adware
Protection available since: 11 Dec 2012 00:00:42 (GMT)
Last Updated: 23 Jun 2015 05:54:20 (GMT)

Examples of AdPeak include:

Example 1

File Information

Size: 76K
SHA-1: 010c1ae4edf238d6716eb602a8bb3edaf418cebd
MD5: ef7668e45b022b62ae580f6d3282e80d
CRC-32: b553b98f
File type: Windows executable
First seen: 2012-11-02

Runtime Analysis

Registry Keys Created
  • HKCR\CLSID\{E4A84ABF-5D2A-4D77-A762-4F5CEA88C4E1}\InProcServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{E4A84ABF-5D2A-4D77-A762-4F5CEA88C4E1}
    (Default)
    De□□l□0a□ b□□□□□p□□r□@m□Pn□@□□@h□ e□
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4A84ABF-5D2A-4D77-A762-4F5CEA88C4E1}
    NoExplorer
    0x00000001

Example 2

File Information

Size: 76K
SHA-1: 022abd92631752fb81880a0882bbda50d532b7cc
MD5: 0feeefc23fb562c8bc38bc04baf49239
CRC-32: eaaa2987
File type: Windows executable
First seen: 2012-11-02

Runtime Analysis

Registry Keys Created
  • HKCR\CLSID\{A47C2FFC-5370-4163-B73B-67283394E503}
    (Default)
    De□□l□0a□ b□□□□□p□□r□@m□Pn□@□□@h□ e□
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A47C2FFC-5370-4163-B73B-67283394E503}
    NoExplorer
    0x00000001
  • HKCR\CLSID\{A47C2FFC-5370-4163-B73B-67283394E503}\InProcServer32
    ThreadingModel
    Apartment

Example 3

File Information

Size: 49K
SHA-1: 030fe51bdf1cd8bb98f793118d98be569ca2db6e
MD5: da92a43214320d2dcff22d5b52401aa9
CRC-32: d87518a2
File type: Windows executable
First seen: 2012-12-01

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsn4.tmp\inetc.dll
  • c:\Documents and Settings\test user\Local Settings\Application Data\dealcabby\uninst.exe
  • c:\Documents and Settings\test user\Local Settings\Application Data\dealcabby\license.txt
  • c:\Documents and Settings\test user\Local Settings\Application Data\dealcabby\ie\dealcabby_20121029030001.dll
  • c:\Documents and Settings\test user\Local Settings\Application Data\dealcabby\sqlite3.exe
  • C:\dealcabby-20120921.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\nsn4.tmp\nsisFile.dll
  • C:\dealcabby.ini
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B4A07CF-45EB-4B10-B6BB-35568A2F89BE}
    NoExplorer
    0x00000001
  • HKCU\Software\DealCabby
    license
    FF6DBCC6-98D7-4B8A-8C76-5A5CFECE9EEA
  • HKCR\CLSID\{0B4A07CF-45EB-4B10-B6BB-35568A2F89BE}\InProcServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{0B4A07CF-45EB-4B10-B6BB-35568A2F89BE}
    (Default)
    De□□l□0a□ b□□□□□p□□r□@m□Pn□@□□@h□ e□
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
    {0B4A07CF-45EB-4B10-B6BB-35568A2F89BE}
    1
  • HKCU\Software\AppDataLow\software\DealCabby
    guid
    0B4A07CF-45EB-4B10-B6BB-35568A2F89BE
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealCabby
    Publisher
    DealCabby
Processes Created
  • c:\dealcabby-20120921.exe
  • c:\docume~1\support\locals~1\temp\nsf7.tmp\ns8.tmp
  • c:\docume~1\support\locals~1\temp\nsf7.tmp\ns9.tmp
  • c:\windows\system32\taskkill.exe
HTTP Requests
  • http://s3.amazonaws.com/adpk/dealcabby/dealcabby-silent-installer.exe
  • http://s3.amazonaws.com/adpk/dealcabby/dealcabby.ini
  • http://s3.amazonaws.com/adpk/dealcabby/dealcabby_20121029030001.dll
  • http://s3.amazonaws.com/adpk/dealcabby/ie.ini
DNS Requests
  • lqw.me
  • s3.amazonaws.com
