Adware.Arcade Yum

By CagedTech in Adware

Threat Scorecard

Popularity Rank: 23,561
Threat Level: 20% (Normal)
Infected Computers: 2,521
First Seen: September 23, 2014
Last Seen: March 16, 2026
OS(es) Affected: Windows

Aliases

4 security vendors flagged this file as malicious.

| Antivirus Vendor | Detection |
|---|---|
| Ikarus | Trojan-Downloader |
| McAfee | Artemis!19C71380E3C3 |
| McAfee-GW-Edition | Artemis |
| Sophos | Arcade Yum |

File System Details

Adware.Arcade Yum may create the following file(s):

| # | File Name | MD5 | Detections |
|---|---|---|---|
| 1 | arcadeyum.dll | 332b593819a6f31aea79785249b43221 | 125 |
| 2 | ArcadeYumIEHelper.dll | f334008b6c195e818eee62026ce8238f | 76 |
| 3 | ArcadeYumVersionControl.exe | a75e4cdbb19f1436e65e1dae3222ea37 | 30 |

Registry Details

Adware.Arcade Yum may create the following registry entry or registry entries:
Software\AppDataLow\Software\ArcadeYum
SOFTWARE\Microsoft\Tracing\ArcadeYum_RASAPI32
SOFTWARE\Microsoft\Tracing\ArcadeYum_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Tracing\ArcadeYum_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\ArcadeYum_RASMANCS

Directories

Adware.Arcade Yum may create the following directory or directories:

%ALLUSERSPROFILE%\ArcadeYum
%LOCALAPPDATA%\ArcadeYum
%PROGRAMFILES%\ArcadeYum
%PROGRAMFILES(x86)%\ArcadeYum
%USERPROFILE%\Local Settings\Application Data\ArcadeYum

URLs

Adware.Arcade Yum may call the following URLs:

arcadeyum.com

Analysis Report

General information

Family Name: Adware.Arcade Yum
Signature status: Self Signed

Known Samples

MD5: 3d75234256e6e0f42cf6c1aa28d2cc91
SHA1: c565706a1b8b65cabf7a91451ad8aba3d2277516
SHA256: 5B27BF45712A01340971B2285914C5D83BD54F13778F1E87F749E09F0542E6EB
File Size: 183.08 KB, 183080 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

| Name | Value |
|---|---|
| Company Name | Arcade Yum |
| File Description | Uninstaller |
| Legal Copyright | Copyright (c) ArcadeYum |

Digital Signatures

| Signer | Root | Status |
|---|---|---|
| ArcadeYum LLC | Thawte Code Signing CA - G2 | Self Signed |

Block Information

Total Blocks: 524
Potentially Malicious Blocks: 20
Whitelisted Blocks: 497
Unknown Blocks: 7

Similar Families

  • Zegost.AQ

Files Modified

| File | Attributes |
|---|---|
| c:\users\user\appdata\local\temp\7zsa68b.tmp | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\module.uninstaller.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\module.uninstaller.exe | Synchronize,Write Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\module.uninstaller.exe.config | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\7zsa68b.tmp\module.uninstaller.exe.config | Synchronize,Write Attributes |

Registry Modifications

| Key::Value | Data | API Name |
|---|---|---|
| HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass |  | RegNtPreCreateKey |
| HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname |  | RegNtPreCreateKey |
| HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet |  | RegNtPreCreateKey |
| HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect |  | RegNtPreCreateKey |
| HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 |  | RegNtPreCreateKey |
| HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc3475 |  | RegNtPreCreateKey |

Windows API Usage

Category API
Process Manipulation Evasion
  • NtUnmapViewOfSection
Process Shell Execute
  • ShellExecuteEx
User Data Access
  • GetComputerNameEx
  • GetUserDefaultLocaleName
  • GetUserObjectInformation

Shell Command Execution

(NULL) module.uninstaller.exe
