Linkular

Category: Adware and PUAs Protection available since:24 Sep 2013 19:38:14 (GMT)
Type: Unspecified PUA Last Updated:17 Mar 2017 06:35:41 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Linkular include:

Example 1

File Information

Size
444K
SHA-1
00004f458dae5eabc1f36c44b126122b049448dc
MD5
241cd5d919e181c596516fef73601896
CRC-32
558cc34f
File type
Windows executable
First seen
2007-10-30

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr3.tmp\BaseConvert.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr3.tmp\Dialer.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr3.tmp\inetc.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr3.tmp\nsExec.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr3.tmp\GetVersion.dll
Registry Keys Created
  • HKCU\Software\PowerPack
    guid
    8a7d32bfc8c8444784cd86aeff130dac
  • HKCU\Software\PowerPack\483
    t
    19 08 2015 Wednesday 14 43 27
Processes Created
  • c:\docume~1\support\locals~1\temp\nsr3.tmp\ef.exe
  • c:\docume~1\support\locals~1\temp\nsr3.tmp\mf.exe
  • c:\docume~1\support\locals~1\temp\nsr3.tmp\ns4.tmp
  • c:\docume~1\support\locals~1\temp\nsr3.tmp\ns5.tmp
HTTP Requests
  • http://www.fastdownloads.info/api/software/
  • http://www.fastdownloads.info/api/success/
DNS Requests
  • www.fastdownloads.info

Example 2

File Information

Size
444K
SHA-1
000085d4c1f870cebe771a140fbdd18c7ae8a4cd
MD5
3ad83731f06b6673a2cf69c7c102e801
CRC-32
12348718
File type
Windows executable
First seen
2007-11-06

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsp3.tmp\Dialer.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsp3.tmp\BaseConvert.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsp3.tmp\GetVersion.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsp3.tmp\nsExec.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsp3.tmp\inetc.dll
Registry Keys Created
  • HKCU\Software\PowerPack
    guid
    968456f93f7b4d248d230d69a68b2365
  • HKCU\Software\PowerPack\483
    t
    29 10 2015 Thursday 18 15 40
Processes Created
  • c:\docume~1\support\locals~1\temp\nsp3.tmp\ef.exe
  • c:\docume~1\support\locals~1\temp\nsp3.tmp\mf.exe
  • c:\docume~1\support\locals~1\temp\nsp3.tmp\ns4.tmp
  • c:\docume~1\support\locals~1\temp\nsp3.tmp\ns5.tmp
HTTP Requests
  • http://www.fastdownloads.info/api/software/
  • http://www.fastdownloads.info/api/success/
DNS Requests
  • www.fastdownloads.info

Example 3

File Information

Size
444K
SHA-1
00031550533863cd10b95a6841703b648ff3cd01
MD5
c8112b3d8d1331ccbd65a7c0cc84310b
CRC-32
d411a187
File type
Windows executable
First seen
2015-11-17

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsa3.tmp\GetVersion.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsa3.tmp\BaseConvert.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsa3.tmp\nsExec.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsa3.tmp\Dialer.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsa3.tmp\inetc.dll
Registry Keys Created
  • HKCU\Software\PowerPack
    guid
    dc705d16451c4e2bbbccc2b632028f10
  • HKCU\Software\PowerPack\483
    t
    09 12 2015 Wednesday 2 42 52
Processes Created
  • c:\docume~1\support\locals~1\temp\nsa3.tmp\ef.exe
  • c:\docume~1\support\locals~1\temp\nsa3.tmp\mf.exe
  • c:\docume~1\support\locals~1\temp\nsa3.tmp\ns4.tmp
  • c:\docume~1\support\locals~1\temp\nsa3.tmp\ns5.tmp
HTTP Requests
  • http://www.fastdownloads.info/api/software/
  • http://www.fastdownloads.info/api/success/
DNS Requests
  • www.fastdownloads.info

download Try Sophos products for free
Download now