Install Monster

Category: Adware and PUA
Protection available since: 02 Jul 2013 13:01:03 (GMT)
Type: Unspecified PUA
Last updated: 28 Jan 2016 11:28:27 (GMT)


Examples of Install Monster include:

Example 1

File Information

Size: 438K
SHA-1: 00001f162d39115d6713dd5000ec9482dec294c5
MD5: c70e1d5565810138ce6ddf93d0940e16
CRC-32: e78ae8a6
File type: Windows executable
First seen: 2014-08-06

Runtime Analysis

Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\ESENT\Process\sample\DEBUG
    Trace Level
DNS Requests
  • gufjan855.p-t.hk

Example 2

File Information

Size: 3.5M
SHA-1: 000053456721d67d5718a17550a534370227dd0d
MD5: 3f0e476ea70d21c62d51dda71da96533
CRC-32: 98a12705
File type: Windows executable
First seen: 2015-08-31

Runtime Analysis

Registry Keys Created
  • HKCR\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
    (Default)
    DynamicNS
  • HKCR\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}\ProgID
    (Default)
    sample.DynamicNS
  • HKLM\SOFTWARE\Microsoft\ESENT\Process\sample\DEBUG
    Trace Level
  • HKCR\sample.DynamicNS
    (Default)
    DynamicNS
  • HKCR\sample.DynamicNS\Clsid
    (Default)
    {C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
  • HKCR\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}\LocalServer32
    (Default)
    c:\test_item.exe
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    test_item.exe
HTTP Requests
  • http://delivery55.com/pages/inmon/im-typ.html
  • http://hakeps.ru/files/
DNS Requests
  • delivery55.com
  • hakeps.ru

Example 3

File Information

Size: 2.0M
SHA-1: 000475ed6941bdd0b2b4b089282def67c50c002d
MD5: 6f917249f00d4ae1d3433aaef8234d59
CRC-32: fc0027d1
File type: Windows executable
First seen: 2014-08-20

Runtime Analysis

Registry Keys Created
  • HKCR\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}\ProgID
    (Default)
    sample.DynamicNS
  • HKCR\sample.DynamicNS\Clsid
    (Default)
    {C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
  • HKCR\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
    (Default)
    DynamicNS
  • HKLM\SOFTWARE\Microsoft\ESENT\Process\sample\DEBUG
    Trace Level
  • HKCR\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}\LocalServer32
    (Default)
    c:\test_item.exe
  • HKCR\sample.DynamicNS
    (Default)
    DynamicNS
HTTP Requests
  • http://csecsrwer.biz/fast/new/ABBYY_FineReader_11.rar
DNS Requests
  • csecsrwer.biz
