Category Archives: PUP – Possibly Unwanted Programs

Prosti Screenblaze PUP/Adware with Trojan/Malware Information Stealing Traffic Sample

File Property: Property Value
FileName: 5d226a8fd2e686ae85037f3c855dbd55c86d6161.exe
McAfee Artemis: Artemis!6a6c793041af
McAfee Detection: BackDoor-DUG
Length: 1,024,004 bytes
CRC: 2F0A0843
MD5: 6A6C793041AFD22301A96CA5DD5D1ED1
SHA1: 5D226A8FD2E686AE85037F3C855DBD55C86D6161

Other Common Detection Aliases

Company Name: Detection Name
avast: Win32:Adware-gen [Adw]
Avira: TR/Dldr.Delphi.Gen
BitDefender: Gen:Adware.Heur.E3728DD8A9
Eset: Win32/Adware.ScreenBlaze (application) (variant)
FortiNet: Suspicious
F-Prot: W32/ScreenBlaze.A.gen!Eldorado
Kaspersky: Backdoor.Win32.Prosti.bhr
microsoft: backdoor:win32/prosti.f
norman: W32/Prosti.AVX
panda: Bck/Prosti.BQ
Sophos: Troj/Bckdr-QRY
V-Buster…


Self Install PUP 2-vinstaller.com Traffic Sample

1970-01-01 -3:-59:-46.514540 IP 10.0.2.15.1049 > 66.77.96.162.80: Flags [P.], seq 1:864, ack 1, win 64240, length 863
E….R@…H! …BM`….P.6Q…..P…vM..
POST /off/mundo HTTP/1.1
Content-Type: application/json; charset=utf-8
Accept: application/json; installerversion: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
Host: 2-vinstaller[.]com
Content-Length: 606
Cache-Control: no-cache

{"Content":"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"}

1970-01-01 -3:-59:-46.514724 IP 66.77.96.162.80 > 10.0.2.15.1049: Flags [.], ack 864, win 65535, length…
