A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #28007  by 711PartTimeJob
 Sun Mar 06, 2016 8:00 pm
This piece of adware will set up a proxy that blocks AV sites and download links to some AV. It will create a folder called "a" on the C drive which it drops most of its files to.

Installer.exe
https://www.virustotal.com/en/file/8e99 ... /analysis/
MD5: b8c773eb87a0e41fc08ac983d38eaae0
SHA1: fe8b5cd09d1afc366b4f9b898ac3be8e58cfc52d
SHA256: 8e993979934e0d2150a75186ec3512a241d66ed70d78204fa25b891d7656d9b1

Article: https://blog.malwarebytes.org/intellige ... d-domains/
Attachments
PW=infected