Stay protected from the "Wanna DecryptOr" ransomware outbreak.     Learn More

Mail.ru Downloader

Category: Adware and PUAs Protection available since:01 Aug 2016 10:44:10 (GMT)
Type: Adware Last Updated:26 Apr 2017 20:55:30 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mail.ru Downloader include:

Example 1

File Information

Size
32K
SHA-1
0be97419a38193186c51e486c3a95d9fac461cf5
MD5
f051d69bba286bc4bf4ca0b77f4b6616
CRC-32
298fab58
File type
Windows executable
First seen
2015-09-05

Example 2

File Information

Size
47K
SHA-1
11674d8579c01598cb2e999ac4b45adf5fb545f4
MD5
6acf425a82f5452a918d98b210ea1bf8
CRC-32
731b4658
File type
Windows executable
First seen
2007-07-06

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Desktop\referattar.zip
  • c:\Documents and Settings\test user\Local Settings\Temp\Internet.exe.xdl!
  • c:\Documents and Settings\test user\Local Settings\Temp\runprog.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\.xdl!
Processes Created
  • c:\docume~1\support\locals~1\temp\runprog.exe
HTTP Requests
  • http://binupdate.mail.ru/dwnld/url
  • http://exe.agent.mail.ru/sputnik/mailrusputnik.exe
  • http://internetmailru.cdnmail.ru/Internet.exe
  • http://profitraf.ru/get_xml
  • http://r.mail.ru/cln5491/exe.agent.mail.ru/sputnik/mailrusputnik.exe
  • http://referatar.ru/referattar.zip
DNS Requests
  • binupdate.mail.ru
  • exe.agent.mail.ru
  • internetmailru.cdnmail.ru
  • profitraf.ru
  • r.mail.ru
  • referatar.ru

Example 3

File Information

Size
598K
SHA-1
28ec3e42e2a5baca0672057fede14ad74a094980
MD5
734fdf61b5d324cb41fd5b6344ee7fa2
CRC-32
dc2c4693
File type
Windows executable
First seen
2016-07-24

Runtime Analysis

HTTP Requests
  • http://cenopvcfzfqp.rhqzlasmq3.ru/data_get_params
  • http://cenopvcfzfqp.rhqzlasmq3.ru/launch_error
DNS Requests
  • cenopvcfzfqp.rhqzlasmq3.ru

download Try Sophos products for free
Download now