Multi-License Discount Quote

Change Region

English
Threat Database Adware Adware.FreeVox

Adware.FreeVox

By CagedTech in Adware

Threat Scorecard

Popularity Rank: 19,154
Threat Level: 20 % (Normal)
Infected Computers: 42
First Seen: February 23, 2022
Last Seen: November 28, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Adware.FreeVox
Signature status: Hash Mismatch

Known Samples

MD5: 9d335434b324de943745cd5f280d8db6
SHA1: 7ea5ba0e6fb29a5f1ffe7581209fdaf4a4e9b8f4
SHA256: 2F66EB2E6D982E1482CFF904CB810253EC8A54B96C761D18A93E1DDC5EDB72DE
File Size: 117.60 KB, 117600 bytes
MD5: f34d903964a0f9b72267a81f2037b43e
SHA1: 3db4c81bb850493497f15ef10fd9b4d6cc41e402
SHA256: 5C76E6741AA07442E94F8AD23624ABD7817800E977369C3144F42D7A8A10F8BC
File Size: 103.57 KB, 103568 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
Show More
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Digital Signatures

Signer Root Status
FreeVox SA DigiCert Assured ID Code Signing CA-1 Hash Mismatch
FreeVox SA DigiCert Assured ID Code Signing CA-1 Self Signed

Block Information

Similar Families

  • AdGazelle.A
  • Downloader.Agent.TJ
  • Mobogenie
  • SearchSuite.C
  • Zusy.CA

Files Modified

File Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\custom.ini Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\inetc.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\modern-wizard.bmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\modern-wizard.bmp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\nsdialogs.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\price_logo.bmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\system.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\toolbar_iminent_logo.bmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsz5891.tmp\toolbar_mixidj_logo.bmp Generic Write,Read Attributes

Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix Cookie: RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix Visited: RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
Show More
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey

Windows API Usage

Category API
Anti Debug
  • IsDebuggerPresent
  • NtQuerySystemInformation
User Data Access
  • GetUserObjectInformation
Network Wininet
  • HttpOpenRequest
  • HttpQueryInfo
  • HttpSendRequest
  • InternetConnect
  • InternetOpen
  • InternetQueryOption

Trending

Most Viewed

Loading...