Blog Archives

Adware.Crossid

Posted on July 25, 2012 by reporter — No Comments ↓

File Name: 1c50ac2fac627d25393862722b811ef8.exe

Product Name: I Want This

Company Name: 215 Apps

Product Version:

File Version: 1.18.149.149

DB Updates: 25.07.2012 15:04:16

Check: [Threat] Adware.Crossid

MD5: 1C50AC2FAC627D25393862722B811EF8

ssdeep: 49152: wtoSsmrbVKgqpgwV4vg9phbbYLKFL VQY1i2ez38Td2fEy:N5HPVfqpnVQ4phcLKFL VQYEzs8fD

Size: 1863272

PE64: False

System: Win32 GUI

Entry point: 55 89 E5 57 56 53 81 EC AC 01 00 00 E8 97 52 00 00 C7 04 24 01 80 00 00 E8 43 4F 00 00 56 C7 04 24 00 00 00 00 E8 A6 52 00 00 A3 88 5C 42 00 53 C7 04 24 08 00 00 00 E8 26 32 00 00 A3 38 5D 42 00

Name	Attrib	MD5	Size
.text	60300020	88AB3E04E64188F106028438B5C514A8	33792
.data	C0300040	850BF924E3442E1811C0822CB6ACEEC0	512
.rdata	40300040	021355B5502656A98D3642DAA00FCC3F	3584
.bss	C0400080	00000000000000000000000000000000	0
.idata	C0300040	DE28D24AC85D5DF28A668492018B70E6	5120
.ndata	C0300040	0F343B0931126A20F133D67C2B018A3B	1024
.rsrc	C0300040	81A92BD967F455D456D2C736A1DC6F70	13312

ssdeep

768:FimATto7o Fcx5j/NFSqVOfoOREGxi5QsbaBloBpgrsYGH2H1Y:QmAQqhwqqpKtbav6oGWH1YF

96:NNTJOcGqLy1f5WoxEHcI17ZY765JoqlpH:ZbKEoxIK6rootz

48:J0TjjYjjv9yny9Hl3Gk1EAhBpLEe5kaGOVzhUbYB9RU/T/Haws y/ YGt3PBJVZ:JckgdQ7JzGOVzhUbQ9Sjaiy/ YCpJVZf

192:Wd4R/4Q8ZGYLJfsOU/lH9Kk4JnQUmauIvwSC0FuNSbQhw:t2Q8UFytJnUaPVzbew7

Signatures

Type	Signature
MD5	1C50AC2FAC627D25393862722B811EF8:1863272:VirusName
NAC	0ADCCA29183F4486448AAB911FCEB498:19:VirusName
RIC	38F05055A4E84C4ECDC421009B7EB4E1:9640:VirusName
FIC	2:192:0R/4Q8ZGYLJfsOU/lH9Kk4JnQUmauIvwSC0FuNb:02Q8UFytJnUaPVA:95:VirusName
SEC	7:.text!33792\|.data!512\|.rdata!3584\|.bss!0\|.idata!5120\|.ndata!1024\|.rsrc!13312:VirusName

Tagged with: bg_code.js, I Want This.exe, I Want ThisGui.exe, Uninstall.exe
Posted in Detected

I Want This

Posted on May 31, 2012 by reporter — No Comments ↓

File Name: 445.exe

Product Name: I Want This

Company Name: 215 Apps

Product Version:

File Version: 1.17.149.149

DB Updates: 2/17/2012 11:35:21 AM

Check: [Clean]

MD5: BCB25E4A261EF9D730BDE5CA3BA14CC0

Size: 1867216

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60300020	88AB3E04E64188F106028438B5C514A8	33792
.data	C0300040	850BF924E3442E1811C0822CB6ACEEC0	512
.rdata	40300040	021355B5502656A98D3642DAA00FCC3F	3584
.bss	C0400080	00000000000000000000000000000000	0
.idata	C0300040	DE28D24AC85D5DF28A668492018B70E6	5120
.ndata	C0300040	0F343B0931126A20F133D67C2B018A3B	1024
.rsrc	C0300040	DC789B104531DC56009503B4C21C4C68	13312

Signatures

Type	Signature
MD5	BCB25E4A261EF9D730BDE5CA3BA14CC0:1867216:VirusName
NAC	0ADCCA29183F4486448AAB911FCEB498:19:VirusName
RIC	38F05055A4E84C4ECDC421009B7EB4E1:9640:VirusName
SEC	7:.text!33792\|.data!512\|.rdata!3584\|.bss!0\|.idata!5120\|.ndata!1024\|.rsrc!13312:VirusName

Tagged with: CleanChromePrefs.vbs, Downloader, I Want This.exe, I Want ThisGui.exe, Uninstall.exe
Posted in Undetected

I Want This

Posted on May 24, 2012 by reporter — No Comments ↓

File Name: 403.exe

Product Name: I Want This

Company Name: 215 Apps

Product Version:

File Version: 1.14.149.149

DB Updates: 2/17/2012 11:35:21 AM

Check: [Clean]

MD5: 3B6E5E72DDAF0BB67B29F98CCD469E1E

Size: 1998472

PE64: False

System: Win32 GUI

Entry point: 55 89 E5 57 56 53 81 EC AC 01 00 00 E8 98 52 00 00 C7 04 24 01 80 00 00 E8 3C 4F 00 00 53 C7 04 24 00 00 00 00 E8 A7 52 00 00 A3 48 5C 42 00 51 C7 04 24 08 00 00 00 E8 27 32 00 00 A3 F8 5C 42 00

Name	Attrib	MD5	Size
.text	60300020	C51E3FCC3C63871874616DAC6A956E1A	33280
.data	C0300040	CE8095B31F2148D62497CB680AB466A4	512
.rdata	40300040	AF6FB4FB881EBB57285EB98ED8DF709D	3584
.bss	C0400080	00000000000000000000000000000000	0
.idata	C0300040	DE28D24AC85D5DF28A668492018B70E6	5120
.ndata	C0300040	0F343B0931126A20F133D67C2B018A3B	1024
.rsrc	C0300040	DD08B8C1629701D3248CDA9C2A979055	13312

Signatures

Type	Signature
MD5	3B6E5E72DDAF0BB67B29F98CCD469E1E:1998472:VirusName
NAC	0ADCCA29183F4486448AAB911FCEB498:19:VirusName
RIC	38F05055A4E84C4ECDC421009B7EB4E1:9640:VirusName
SEC	7:.text!33280\|.data!512\|.rdata!3584\|.bss!0\|.idata!5120\|.ndata!1024\|.rsrc!13312:VirusName

Tagged with: CleanChromePrefs.vbs, Downloader, I Want This.exe, I Want ThisGui.exe, scs.exe, Uninstall.exe
Posted in Undetected

I Want This.exe I Want ThisGui.exe Uninstall.exe

Posted on April 25, 2012 by reporter — No Comments ↓

File Name: 476.exe

DB Updates: 2/17/2012 11:35:21 AM

Check: [Clean]

MD5: CF1DFB4C2EA805F2FC7387F06ED5CD05

Size: 1594458

PE64: False

System: Win32 GUI

Entry point: 81 EC 80 01 00 00 53 55 56 33 DB 57 89 5C 24 18 C7 44 24 10 30 91 40 00 33 F6 C6 44 24 14 20 FF 15 30 70 40 00 68 01 80 00 00 FF 15 B4 70 40 00 53 FF 15 7C 72 40 00 6A 08 A3 58 3F 42 00 E8 09 2C

Name	Attrib	MD5	Size
.text	60000020	0BC2FFD32265A08D72B795B18265828D	23552
.rdata	40000040	F179218A059068529BDB4637EF5FA28E	4608
.data	C0000040	975304D6DD6C4A4F076B15511E2BBBC0	1024
.ndata	C0000080	00000000000000000000000000000000	0
.rsrc	40000040	6DA8022B47763F5DA9C4FAE5486AB0D8	2560

Signatures

Type	Signature
MD5	CF1DFB4C2EA805F2FC7387F06ED5CD05:1594458:VirusName
RIC	F00E9D9F29BAD0B3F02CCF494A4F3A1F:744:VirusName
SEC	5:.text!23552\|.rdata!4608\|.data!1024\|.ndata!0\|.rsrc!2560:VirusName

Tagged with: Downloader, I Want This.exe, I Want ThisGui.exe, IWantThis-GB.exe, Uninstall.exe
Posted in Undetected

I Want This.exe I Want ThisGui.exe Uninstall.exe

Posted on April 22, 2012 by reporter — No Comments ↓

File Name: 472.exe

DB Updates: 2/17/2012 11:35:21 AM

Check: [Clean]

MD5: CF1DFB4C2EA805F2FC7387F06ED5CD05

Size: 1594458

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	0BC2FFD32265A08D72B795B18265828D	23552
.rdata	40000040	F179218A059068529BDB4637EF5FA28E	4608
.data	C0000040	975304D6DD6C4A4F076B15511E2BBBC0	1024
.ndata	C0000080	00000000000000000000000000000000	0
.rsrc	40000040	6DA8022B47763F5DA9C4FAE5486AB0D8	2560

Signatures

Type	Signature
MD5	CF1DFB4C2EA805F2FC7387F06ED5CD05:1594458:VirusName
RIC	F00E9D9F29BAD0B3F02CCF494A4F3A1F:744:VirusName
SEC	5:.text!23552\|.rdata!4608\|.data!1024\|.ndata!0\|.rsrc!2560:VirusName

Tagged with: Downloader, I Want This.exe, I Want ThisGui.exe, IWantThis-GB.exe, Uninstall.exe
Posted in Undetected

I Want This

Posted on April 21, 2012 by reporter — No Comments ↓

File Name: 451.exe

Product Name: I Want This

Company Name: 215 Apps

Product Version:

File Version: 1.14.149.149

DB Updates: 2/17/2012 11:35:21 AM

Check: [Clean]

MD5: BC517FF13532D25853936DBDC70EAFC4

Size: 1997096

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60300020	C51E3FCC3C63871874616DAC6A956E1A	33280
.data	C0300040	CE8095B31F2148D62497CB680AB466A4	512
.rdata	40300040	AF6FB4FB881EBB57285EB98ED8DF709D	3584
.bss	C0400080	00000000000000000000000000000000	0
.idata	C0300040	DE28D24AC85D5DF28A668492018B70E6	5120
.ndata	C0300040	0F343B0931126A20F133D67C2B018A3B	1024
.rsrc	C0300040	DD08B8C1629701D3248CDA9C2A979055	13312

Signatures

Type	Signature
MD5	BC517FF13532D25853936DBDC70EAFC4:1997096:VirusName
NAC	0ADCCA29183F4486448AAB911FCEB498:19:VirusName
RIC	38F05055A4E84C4ECDC421009B7EB4E1:9640:VirusName
SEC	7:.text!33280\|.data!512\|.rdata!3584\|.bss!0\|.idata!5120\|.ndata!1024\|.rsrc!13312:VirusName

Tagged with: CleanChromePrefs.vbs, Downloader, I Want This.exe, I Want ThisGui.exe, Uninstall.exe
Posted in Undetected

I Want This.exe I Want ThisGui.exe Uninstall.exe

Posted on March 13, 2012 by reporter — No Comments ↓

File Name: 608.exe

DB Updates: 2/17/2012 11:35:21 AM

Check: [Clean]

MD5: C6F332B408C7E87F7973BAD94EB3A6AB

Size: 1640250

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	0BC2FFD32265A08D72B795B18265828D	23552
.rdata	40000040	F179218A059068529BDB4637EF5FA28E	4608
.data	C0000040	975304D6DD6C4A4F076B15511E2BBBC0	1024
.ndata	C0000080	00000000000000000000000000000000	0
.rsrc	40000040	6DA8022B47763F5DA9C4FAE5486AB0D8	2560

Signatures

Type	Signature
MD5	C6F332B408C7E87F7973BAD94EB3A6AB:1640250:VirusName
RIC	F00E9D9F29BAD0B3F02CCF494A4F3A1F:744:VirusName
SEC	5:.text!23552\|.rdata!4608\|.data!1024\|.ndata!0\|.rsrc!2560:VirusName

Tagged with: Downloader, I Want This.exe, I Want ThisGui.exe, IWantThis-US.exe, Uninstall.exe
Posted in Undetected

I Want This.exe I Want ThisGui.exe Uninstall.exe

Posted on March 12, 2012 by reporter — No Comments ↓

File Name: 586.exe

DB Updates: 2/17/2012 11:35:21 AM

Check: [Clean]

MD5: C6F332B408C7E87F7973BAD94EB3A6AB

Size: 1640250

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	0BC2FFD32265A08D72B795B18265828D	23552
.rdata	40000040	F179218A059068529BDB4637EF5FA28E	4608
.data	C0000040	975304D6DD6C4A4F076B15511E2BBBC0	1024
.ndata	C0000080	00000000000000000000000000000000	0
.rsrc	40000040	6DA8022B47763F5DA9C4FAE5486AB0D8	2560

Signatures

Type	Signature
MD5	C6F332B408C7E87F7973BAD94EB3A6AB:1640250:VirusName
RIC	F00E9D9F29BAD0B3F02CCF494A4F3A1F:744:VirusName
SEC	5:.text!23552\|.rdata!4608\|.data!1024\|.ndata!0\|.rsrc!2560:VirusName

Tagged with: Downloader, I Want This.exe, I Want ThisGui.exe, IWantThis-US.exe, Uninstall.exe
Posted in Undetected

I Want This

Posted on March 10, 2012 by reporter — No Comments ↓

File Name: 380.exe

Product Name: I Want This

Company Name: 215 Apps

Product Version:

File Version: 1.9.146.147

DB Updates: 2/17/2012 11:35:21 AM

Check: [Clean]

MD5: 60A6EB47CA7A383C2AC9DEDBBDAFFB02

Size: 2010840

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60300020	C51E3FCC3C63871874616DAC6A956E1A	33280
.data	C0300040	CE8095B31F2148D62497CB680AB466A4	512
.rdata	40300040	AF6FB4FB881EBB57285EB98ED8DF709D	3584
.bss	C0400080	00000000000000000000000000000000	0
.idata	C0300040	DE28D24AC85D5DF28A668492018B70E6	5120
.ndata	C0300040	0F343B0931126A20F133D67C2B018A3B	1024
.rsrc	C0300040	70BF68C830EE36DA38C6FDF615C44D61	13312

Signatures

Type	Signature
MD5	60A6EB47CA7A383C2AC9DEDBBDAFFB02:2010840:VirusName
NAC	0ADCCA29183F4486448AAB911FCEB498:19:VirusName
RIC	38F05055A4E84C4ECDC421009B7EB4E1:9640:VirusName
SEC	7:.text!33280\|.data!512\|.rdata!3584\|.bss!0\|.idata!5120\|.ndata!1024\|.rsrc!13312:VirusName

Tagged with: bringtofront.exe, Downloader, I Want This.exe, I Want ThisGui.exe, Uninstall.exe
Posted in Undetected