Adware.InstallMonetizer.E

By CagedTech in Adware

Threat Scorecard

Popularity Rank: 13,203
Threat Level: 20 % (Normal)
Infected Computers: 92
First Seen: August 22, 2022
Last Seen: October 24, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Adware.InstallMonetizer.E
Signature status: No Signature

Known Samples

MD5: 0e4890483943afb58c743172abc27151
SHA1: 2c4072efe9ee1fdf85067c22e1488d3796645d27
SHA256: 8864C1003AECFAEF95D4D70B5AC5E22E6D1B72AA60267876B4527937C294984A
File Size: 228.54 KB, 228539 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

  • dll
  • x86

Files Modified

File Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\blowfish.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\blowfish.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\firstresult.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\firstresult.txt_deleted_ Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\getversion.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\getversion.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\header.bmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\header.bmp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\installog.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\installog.txt_deleted_ Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\manlib.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\manlib.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\math.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\math.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\nsdialogs.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\nsdialogs.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\registry.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\registry.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\system.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\system.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\userinfo.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsp3c89.tmp\userinfo.dll Synchronize,Write Attributes

Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix Cookie: RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix Visited: RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Tesriscq\AppData\Local\Temp\nsp3C89.tmp\registry.dll RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Users\Tesriscq\AppData\Local\Temp\nsp3C89.tmp\registry.dll\??\C:\Users\Tesriscq\AppData\Local\Temp\nsp3C89.tmp\ RegNtPreCreateKey

Windows API Usage

Category API
Anti Debug
  • IsDebuggerPresent
  • NtQuerySystemInformation
User Data Access
  • GetUserObjectInformation
Network Info Queried
  • GetAdaptersInfo
Network Wininet
  • HttpOpenRequest
  • HttpQueryInfo
  • HttpSendRequest
  • InternetConnect
  • InternetOpen
  • InternetQueryOption
