Quick analysis note about DealPly (Adware)
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | ffbc505a-2a4c-45de-a314-40bce61ff64c |
| Fingerprint | 3212f7d97add43fe |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | May 11, 2021, 1:16 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | 0day in {REA_TEAM} |
| Title | Quick analysis note about DealPly (Adware) |
| Detected Hints/Tags/Attributes | 30/1/26 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | buluw.com |
|
| Details | Domain | 73 | schemas.microsoft.com |
|
| Details | File | 53 | iphlpapi.dll |
|
| Details | File | 185 | shell32.dll |
|
| Details | File | 146 | wininet.dll |
|
| Details | File | 748 | kernel32.dll |
|
| Details | File | 1 | src.dat |
|
| Details | File | 3 | updtask.exe |
|
| Details | File | 1 | synhelper.exe |
|
| Details | File | 3 | updane.exe |
|
| Details | File | 7 | sync.exe |
|
| Details | File | 1 | productupdt.exe |
|
| Details | File | 3 | synctask.exe |
|
| Details | File | 3 | syncversion.exe |
|
| Details | File | 1 | prod.dat |
|
| Details | File | 20 | config.dat |
|
| Details | File | 291 | user32.dll |
|
| Details | File | 30 | at.exe |
|
| Details | File | 249 | schtasks.exe |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 18 | 1.dat |
|
| Details | File | 14 | 2.dat |
|
| Details | File | 34 | psapi.dll |
|
| Details | File | 229 | advapi32.dll |
|
| Details | sha256 | 1 | 40584f79d109a18b1c4ea7e75a945324978652b6afcc9efbe62241717f0b4685 |
|
| Details | Url | 19 | http://schemas.microsoft.com/windows/2004/02/mit/task |