Adware.Neoreklami.FC
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
- Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
- Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
- Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
| Popularity Rank: | 5,963 |
|---|---|
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 105 |
| First Seen: | June 30, 2023 |
| Last Seen: | March 3, 2026 |
| OS(es) Affected: | Windows |
Analysis Report
General information
| Family Name: | Adware.Neoreklami.FC |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File doesn't have security information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.
| Name | Value |
|---|---|
| Company Name | Igor Pavlov |
| File Description | 7z Setup SFX |
| File Version | 9.20 |
| Internal Name | 7zS.sfx |
| Legal Copyright | Copyright (c) 1999-2010 Igor Pavlov |
| Original Filename | 7zS.sfx.exe |
| Product Name | 7-Zip |
| Product Version | 9.20 |
File Traits
- HighEntropy
- No Version Info
- x86
Files Modified
This section lists files that were created, modified, moved and/or deleted by samples in this family. File system activity can provide valuable insight into how malware functions on the operating system.
| File | Attributes |
|---|---|
| c:\users\user\appdata\local\temp\7zs4c07.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs4c07.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs4c07.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs4c07.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs4c07.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs4c07.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs4c07.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs4c07.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs4c07.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs59ac.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs6686.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zs6bb6.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa2e2.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa320.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa62e.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa7c4.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb710.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb7eb.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsb839.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsbc21.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsbccd.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsd45c.tmp\install.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp\__data__ | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp\__data__ | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp\__data__\config.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp\__data__\config.txt | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp\config.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp\config.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp\install.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsfaa3.tmp\install.exe | Synchronize,Write Attributes |
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.
| Category | API |
|---|---|
| Process Manipulation Evasion | |
| Process Shell Execute | |
Shell Command Execution
This section lists Windows shell commands that are run by the samples in this family. Windows Shell commands are often leveraged by malware for nefarious purposes and can be used to elevate security privileges, download and launch other malware, exploit vulnerabilities, collect and exfiltrate data, and hide malicious activity.
- .\Install.exe
- config.exe /dBPdidgn "452799" /S
- config.exe /ehgQBdida "452799" /S
- config.exe /ouGTcdidD "452799" /S
- config.exe /mldidJ "452799" /S
- config.exe /YqdidNUBA "452799" /S
- config.exe /GVdidNzP "452799" /S
- config.exe /lUalKdidiuxCF "452799" /S
- config.exe /XQzdidGHcy "452799" /S
- config.exe /UAdidaT "452800" /S
- config.exe /gdidJi "452800" /S
- config.exe /MgrdidTYYy "452800" /S
- config.exe /bDUdidyQWYo "452799" /S
- config.exe /NedidMI "452799" /S
- config.exe /UXusHdidJtv "452799" /S
- config.exe /sdidif "452799" /S
- config.exe /eHjNdidefAB "452799" /S