Vittalia

Category: Adware and Potentially Unwanted Applications (PUA)
Protection available since: 2015-07-22 09:19:07 (GMT)
Type: Adware
Last updated: 2019-08-08 21:25:31 (GMT)

Examples of Vittalia include:

Example 1

File Information

Size: 5.0M
SHA-1: 011f98074a30d024b9ef80e1e86ffe7148931129
MD5: d70ab35fd5e19aaed0d8493b879a2707
CRC-32: a0d66b81
File type: Windows executable
First seen: 2017-05-25

Runtime Analysis

Registry Keys Created
  • HKLM\SOFTWARE\Vittalia\AxtanInstaller\versions\671726
    LogoUrl
    http://median.eazel.com/uploads/installer_logos/programs/91/230691/69633.png
Processes Created
  • c:\Documents and Settings\test user\local settings\application data\temp\8a32installer.exe
HTTP Requests
  • http://www.dlgeovt.com/abcde.php
  • http://xmlinstcp.ddbbvt.eu/cmd/precompiled.html
  • http://xmlinstcp.ffbbvt.eu/cmd/api.php
  • http://xmlinstcp.ffbbvt.eu/cmd/geo.php
  • http://xmlinstcp.ffbbvt.eu/cmd/report.php
DNS Requests
  • www.dlgeovt.com
  • xmlinstcp.ddbbvt.eu
  • xmlinstcp.ffbbvt.eu

Example 2

File Information

Size: 5.0M
SHA-1: 045d1ea19d3eb00b641ba496d8757cda3becf6c3
MD5: 0382c41a49436a6d5a1abbec7862be3e
CRC-32: d9ff3617
File type: Windows executable
First seen: 2017-07-14

Runtime Analysis

Processes Created
  • c:\Documents and Settings\test user\local settings\application data\temp\772dinstaller.exe
HTTP Requests
  • http://www.dlgeovt.com/abcde.php
  • http://xmlinstcp.ddbbvt.eu/cmd/precompiled.html
  • http://xmlinstcp.ffbbvt.eu/cmd/api.php
  • http://xmlinstcp.ffbbvt.eu/cmd/geo.php
  • http://xmlinstcp.ffbbvt.eu/cmd/log.php
  • http://xmlinstcp.ffbbvt.eu/cmd/report.php
DNS Requests
  • www.dlgeovt.com
  • xmlinstcp.ddbbvt.eu
  • xmlinstcp.ffbbvt.eu

Example 3

File Information

Size: 808K
SHA-1: 0566603c3712b6b1348b70019cdcd9722b9cfb44
MD5: bf3c357bda2698007223be99a2ce0de2
CRC-32: c6a38c7f
File type: Windows executable
First seen: 2016-01-27

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\34a11dd8ea3105f6dfb8b652fdd23d59
  • c:\Documents and Settings\test user\Local Settings\Temp\ff0e79e53f645f29984fd42cdea7e2a6.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\nsd3.tmp\nxs.dll
