Live Soft Action

Category: Adware and PUAs
Protection available since: 29 Jan 2014 05:51:48 (GMT)
Type: Adware
Last updated: 31 Jul 2015 18:28:08 (GMT)


Examples of Live Soft Action include:

Example 1

File Information

Size: 1.2M
SHA-1: 00751a5ef828fab42d7e42abeb1a5cfc95861dfa
MD5: 38102b95d701eb0a5cf587f8ff9a40e1
CRC-32: 16938bd7
File type: Windows executable
First seen: 2015-07-05

Runtime Analysis

Registry Keys Created
HTTP Requests
  • http://setup.trustinstaller.com/setup
DNS Requests
  • setup.trustinstaller.com

Example 2

File Information

Size: 611K
SHA-1: 00eaaf3fe0f89ff964ea747ce583539413b44875
MD5: f9e0ccf0354263fe6f095f3ad14005d1
CRC-32: 6b8a6a38
File type: Windows executable
First seen: 2007-08-31

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\Tempdir\Downloader.log
Registry Keys Created
HTTP Requests
DNS Requests
  • cdn-appserver.appscion.com
  • geoloc.appscion.com
  • setup.appscion.com
  • www.google-analytics.com

Example 3

File Information

Size: 1.2M
SHA-1: 01b8b8e6e92661a67ec1f31e7423b5d5519fb0b8
MD5: 5b62529db9d7c6cf9be63b8a3aa5d7e1
CRC-32: 9df6eb39
File type: Windows executable
First seen: 2015-06-17

Runtime Analysis

Registry Keys Created
HTTP Requests
DNS Requests
  • geoloc.trustinstaller.com
  • setup.trustinstaller.com
  • www.google-analytics.com
