Adware.DealPly.AS

By CagedTech in Adware

Threat Scorecard

Popularity Rank: 12,587
Threat Level: 20 % (Normal)
Infected Computers: 53
First Seen: July 27, 2024
Last Seen: March 1, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Adware.DealPly.AS
Signature status: No Signature

Known Samples

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has been packed
  • File has exports table
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Bepadogos Software
  • Cacerob
  • Cedanamofo Ltd.
  • Dedofe Ltd.
  • Galagekuh Ltd.
  • Gohek Software Ltd.
  • Hopololoc Ltd.
  • Keradadolama
  • Manat
  • Matasokofene Software
  • Matoh Ltd.
  • Papeleban Ltd.
File Description
  • Bisu
  • Poken
File Version
  • 3.8.41.38
  • 3.8.23.61
  • 3.2.34.26
  • 2.9.40.37
  • 2.9.9.87
  • 2.8.37.94
  • 2.2.4.84
  • 1.7.43.16
  • 1.6.46.19
  • 1.3.4.5
  • 1.2.29.77
  • 1.1.24.46
Internal Name
  • calehlomad
  • Cupepo
  • Deben
  • Dorur
  • laregos
  • Lepife
  • mugosobecetid
  • Nagede
  • reta
  • RokidiHananeh
  • saken
  • Tamini
Legal Copyright
  • Cedanamofo Ltd. All Rights Reserved
  • Copyright
  • Copyright All Rights Reserved
  • Copyright © 2011-2015
Legal Trademarks
  • Dedofe Ltd. trademark
  • Hopololoc Ltd. trademark 2009-2017
  • Papeleban Ltd. trademark 2012-2015
Original Filename
  • calehlomad.exe
  • cupepopataduc.exe
  • DebenLoreb.exe
  • Dorur.exe
  • laregos.exe
  • LepifeKopahe.exe
  • mugosobecetid.exe
  • nagedetasor.exe
  • reta.exe
  • RokidiHananeh.exe
  • saken.exe
  • taminisemoci.exe
Product Name
  • Cafecapa Nufitopud
  • Dulocofa Take
  • Kamita Bafodaba
  • Komos Pihasame
  • Nasikafak
  • Noko Cisenas Soma
  • Nosemoc Bimama Pamurakoc
  • Posa Ragi 10
  • Sefes Putetep
  • Sogago 65 Tocolom
  • Sudic 13
  • Tedol 61 Gaboser
Product Version
  • 3.9.44.72
  • 3.8.27.31
  • 3.8.15.28
  • 3.3.25.15
  • 3.3.7.2
  • 2.7.43.27
  • 2.7.34.11
  • 2.3.8.59
  • 2.2.30.54
  • 1.3.23.89
  • 1.2.24.89
  • 1.2.23.83

File Traits

  • 2+ executable sections
  • HighEntropy
  • No Version Info
  • packed
  • upx
  • UPX!
  • VirtualQueryEx
  • x86

Block Information

Total Blocks: 2,671
Potentially Malicious Blocks: 3
Whitelisted Blocks: 2,665
Unknown Blocks: 3

Similar Families

  • Agent.DSS
  • Babar.AI
  • Banker.AM
  • Banker.GF
  • Banker.RF
  • Banload.XG
  • Casbaneiro.A
  • Danabot.DI
  • DealPly.AS
  • DealPly.ASB
  • DealPly.GB
  • Delf.OD
  • Delf.ODB
  • Filecoder.RR
  • Gamehack.BSB
  • Installmonstr.EC
  • Lamer.B
  • MSIL.Agent.FG
  • MyDoom.A
  • Ropalidia.D

Windows API Usage

Category API
User Data Access
  • GetUserObjectInformation
Anti Debug
  • IsDebuggerPresent
