Adware.DealPly.ASB

By CagedTech in Adware

Threat Scorecard

Popularity Rank: 15,060
Threat Level: 20 % (Normal)
Infected Computers: 59
First Seen: July 27, 2024
Last Seen: April 18, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Adware.DealPly.ASB
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Cunola
  • Dehofog
  • Durafetelak
  • Genitel Ltd.
  • Gulukelegame Ltd.
  • Heseherosa
  • Lecerarel
  • Piherugel
  • Pogobinehos Ltd.
  • Pusosapa Software Ltd.
  • Rahapire
File Description
  • Bepaka
  • Dica Boli
  • Fibe
  • Pelepan
  • Seherep Coka
  • Tanog Dakelal
File Version
  • 2.9.0.0
  • 2.8.11.92
  • 2.5.22.1
  • 2.5.13.47
  • 2.4.3.99
  • 2.2.41.36
  • 1.8.5.72
  • 1.7.17.50
  • 1.5.4.96
  • 1.4.1.38
  • 1.1.34.40
Internal Name
  • Balagi
  • Besemof
  • Cumad
  • Faraf
  • Ferafok
  • fodacap
  • LomakaPalec
  • Nupe
  • recungoro
  • rilohlogum
  • tukocbunahud
Legal Copyright
  • Copyright 2010-2015
  • Copyright 2011-2016 All Rights Reserved
  • Copyright 2011-2017 All Rights Reserved
  • Copyright All Rights Reserved
  • Copyright © 2012-2015 All Rights Reserved
  • Dehofog © 2012-2017
  • Rahapire © 2010-2016
Legal Trademarks
  • 2010-2016
  • Pusosapa Software Ltd. 2010-2017
  • Rahapire 2010-2017
Original Filename
  • balagi.exe
  • BesemofPukibe.exe
  • Cumad.exe
  • FarafRudab.exe
  • Ferafok.exe
  • fodacap.exe
  • LomakaPalec.exe
  • NupeBelat.exe
  • recungoro.exe
  • rilohlogum.exe
  • tukocbunahud.exe
Product Name
  • Cikace Ritefe Kadama
  • Dukagihi Fodasa Mome
  • Fanacogo Kukid Rahafoka
  • Futehis Paro
  • Gecesun Popabuf Pononeno
  • Nagok
  • Nene Sece Kokopahap
  • Rokoteba Cobeseb Paroko
  • Sepeminen Lediger Pukehofib
  • Telag Lasog 24
  • Tudo
Product Version
  • 3.7.49.83
  • 3.6.31.25
  • 3.6.7.93
  • 3.5.47.13
  • 3.1.27.77
  • 2.9.19.29
  • 2.8.7.23
  • 2.7.12.7
  • 2.2.11.90
  • 1.9.22.61
  • 1.6.27.64

File Traits

  • 2+ executable sections
  • No Version Info
  • VirtualQueryEx
  • x86

Block Information

Total Blocks: 5,640
Potentially Malicious Blocks: 6
Whitelisted Blocks: 5,628
Unknown Blocks: 6

Similar Families

  • Banker.AM
  • Banker.GF
  • Banker.RF
  • Casbaneiro.A
  • DealPly.AS
  • DealPly.ASB
  • DealPly.GB
  • Delf.FC
  • Delf.OD
  • Delf.ODB
  • Filecoder.PB
  • Filecoder.RR
  • Gamehack.BSB
  • Injector.JDA
  • Injector.KPP
  • Installmonstr.EC
  • Keylogger.DF
  • Lamer.B
  • Lumma.NB
  • MSIL.Agent.FG
  • Malat.A
  • MyDoom.A
  • Ropalidia.D
  • Swisyn.B
  • Talsab.A

Windows API Usage

Category API
User Data Access
  • GetUserObjectInformation
