Date discovered: 15/02/2012
In the wild: No
Reported Infections: Low
Distribution Potential: Low
Damage Potential: Low
Static file: Yes
File size: 582.536 Bytes
MD5 checksum: d420892051c4495b6923e2cd2849113a
VDF version: - Wednesday, February 15, 2012
IVDF version: - Wednesday, February 15, 2012

 General ADWARE/ malware class description (en)
Method of propagation:
   • No own spreading routine

   • Eset: Win32/InstallCore
   • DrWeb: Adware.InstallCore.20

Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Right after execution the following information is displayed:

Files
It creates the following directories:
   • C:\TEMP\ish423234\
   • C:\TEMP\is1438683437\

The following files are created:

– Non-malicious files:
   • C:\TEMP\ish411640\defaultOffer\offer_code.dat
   • C:\TEMP\ish411640\defaultOffer\offer_html.dat
   • C:\TEMP\ish411640\defaultOffer\US\offer_code.dat
   • C:\TEMP\ish411640\defaultOffer\US\offer_html.dat
   • C:\TEMP\ish411640\bootstrap_6570.html
   • C:\TEMP\ICReinstall_ad.exe
   • %HOME%\Desktop\Continue FoxTabFLV Player Installation.lnk
   • C:\TEMP\is1438683437\4380116.cfg
   • C:\TEMP\is1438683437\673479180.cfg

– Temporary files that might be deleted afterwards:
   • C:\TEMP\000647F8.log
   • C:\Programme\is420125.log
   • C:\TEMP\0006693C.log
   • C:\TEMP\00066C39.log

Miscellaneous
Accesses internet resources:
   • os.solvefile.com
   • cdnus.solvefile.com
   • cdneu.solvefile.com

File details
Programming language:
The malware program was written in Delphi.

Description inserted by Martin Muench on Wednesday, February 15, 2012
Description updated by Martin Muench on Wednesday, February 15, 2012

