Adware.MediaInstaller.D

By CagedTech in Adware

Threat Scorecard

Popularity Rank:	3,438
Threat Level:	20 % (Normal)
Infected Computers:	3,390

First Seen:	December 28, 2021
Last Seen:	March 10, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Adware.MediaInstaller.D
Signature status:	No Signature

Known Samples

MD5: 2de4a74133c702e4f05ec7d3ce906926

SHA1: 4646d9c8cf90a9b4834868116693dee79d4353c7

SHA256: D175F11B2BA12912181A1B346DB2E2F7EDDC6D5B250E4AA552C23B05D0373FE2

File Size: 6.95 MB, 6945157 bytes

MD5: 1920af1c35267f40414dbcbf0cb38cc9

SHA1: 4d7fa891b5b79e7f95a862790fe6e95367fff458

SHA256: 40973031F8030B137647AEB6DDC3C0E21740ED121B156CA81B2886EAF147A2B5

File Size: 6.54 MB, 6537043 bytes

MD5: 6a3b9fe4e3d103e701612f0e475d6738

SHA1: 2b79569787457a9920c4059204d72cc75e650240

SHA256: 8C90F8818165AC7738EE9EEAF854A5030A667C2A5FAFC177C209C33F13E90DE4

File Size: 7.26 MB, 7264948 bytes

MD5: 1562aa7fc32b6180b2fafbc292419fa4

SHA1: 35df20a1c4db379078f8144a603008e62ce30c5b

SHA256: 57FC9CB007CC9EABFAD10CC96CA50D01B86FC554C116414EBAE270C7D260800D

File Size: 6.77 MB, 6766971 bytes

MD5: ee939631d710a4498a6954f2a638d078

SHA1: a82ea687187b7e7c66d2b2ee178094a1d122b78b

SHA256: 6898976B572FB53336B043390AA80C6B5BD485D92FFD69CA73EA220BEAD8A45E

File Size: 6.92 MB, 6923940 bytes

MD5: 317bc1b31583a4faa2ef82fb49a905b4

SHA1: bc8430fe4d04a8a928dd1c27c9d0bf452f429bd6

SHA256: A61443BFE7D975A5226013D586066E4C536A5D87D6010FC62EC335376E16578E

File Size: 2.13 MB, 2126581 bytes

MD5: 99c43f6d145adbcfa732eba995462a4e

SHA1: f8b01640e2e6cbac648db79064ad6925076c1b7b

SHA256: E35F20C55214C3B141E62EA7391D4422F105397C1F672C1E90B8999B58B4333B

File Size: 7.48 MB, 7475466 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File is 64-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

File Traits

No Version Info
Py-installer
x64
zlib (In Overlay)
zlib overlay

Block Information

Total Blocks:	819
Potentially Malicious Blocks:	1
Whitelisted Blocks:	818
Unknown Blocks:	0

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 2 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Downloader.Agent.N

Files Modified

File	Attributes
c:\users\user\appdata\local\temp\_mei10842\_asyncio.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_multiprocessing.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_overlapped.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_queue.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\_socket.pyd	Generic Write,Read Attributes

c:\users\user\appdata\local\temp\_mei10842\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\libcrypto-1_1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\libffi-7.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\libssl-1_1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\pyexpat.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\python38.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei10842\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_asyncio.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_multiprocessing.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_overlapped.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_queue.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-console-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-datetime-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-debug-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-errorhandling-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-file-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-file-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-file-l2-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-handle-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-heap-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-interlocked-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-libraryloader-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-localization-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-memory-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-namedpipe-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-processenvironment-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-processthreads-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-processthreads-l1-1-1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-profile-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-rtlsupport-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-string-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-synch-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-synch-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-sysinfo-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-timezone-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-core-util-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-conio-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-convert-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-environment-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-filesystem-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-heap-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-locale-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-math-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-process-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-runtime-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-stdio-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-string-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-time-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\api-ms-win-crt-utility-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\libcrypto-1_1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\libffi-7.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\libssl-1_1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\pyexpat.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\python38.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\ucrtbase.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei12242\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-console-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-datetime-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-debug-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-errorhandling-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-file-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-file-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-file-l2-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-handle-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-heap-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-interlocked-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-libraryloader-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-localization-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-memory-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-namedpipe-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-processenvironment-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-processthreads-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-processthreads-l1-1-1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-profile-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-rtlsupport-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-string-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-synch-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-synch-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-sysinfo-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-timezone-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-core-util-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-conio-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-convert-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-environment-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-filesystem-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-heap-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-locale-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-math-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-process-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-runtime-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-stdio-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-string-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-time-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\api-ms-win-crt-utility-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\pyexpat.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\python36.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\ucrtbase.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei1642\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_asyncio.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_multiprocessing.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_overlapped.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_queue.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\libcrypto-1_1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\libffi-7.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\libssl-1_1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\pyexpat.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\python38.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei17122\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-console-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-datetime-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-debug-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-errorhandling-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-file-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-file-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-file-l2-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-handle-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-heap-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-interlocked-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-libraryloader-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-localization-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-memory-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-namedpipe-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-processenvironment-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-processthreads-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-processthreads-l1-1-1.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-profile-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-rtlsupport-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-string-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-synch-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-synch-l1-2-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-sysinfo-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-timezone-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-core-util-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-conio-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-convert-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-environment-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-filesystem-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-heap-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-locale-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-math-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-process-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-runtime-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-stdio-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-string-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-time-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\api-ms-win-crt-utility-l1-1-0.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\pyexpat.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\python36.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\ucrtbase.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei18202\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei21322\_asyncio.pyd	Generic Write,Read Attributes

2002 additional files are not displayed above.

Windows API Usage

Category	API
Syscall Use	ntdll.dll!NtAlpcConnectPort ntdll.dll!NtAlpcQueryInformation ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtClose ntdll.dll!NtCreateEvent ntdll.dll!NtDeviceIoControlFile ntdll.dll!NtDuplicateObject ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtOpenDirectoryObject ntdll.dll!NtOpenKey Show More ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenThreadToken ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryFullAttributesFile ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQuerySecurityAttributesToken ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtQueryWnfStateData ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSetTimer2 ntdll.dll!NtTestAlert ntdll.dll!NtTraceControl ntdll.dll!NtWriteFile ntdll.dll!NtWriteVirtualMemory UNKNOWN win32u.dll!NtUserGetKeyboardLayout win32u.dll!NtUserGetThreadState
Process Shell Execute	CreateProcess
Process Manipulation Evasion	NtUnmapViewOfSection

Shell Command Execution


							c:\users\user\downloads\4646d9c8cf90a9b4834868116693dee79d4353c7_0006945157 "c:\users\user\downloads\4646d9c8cf90a9b4834868116693dee79d4353c7_0006945157"


							c:\users\user\downloads\4646d9c8cf90a9b4834868116693dee79d4353c7_0006945157 "c:\users\user\downloads\4646d9c8cf90a9b4834868116693dee79d4353c7_0006945157"


							c:\users\user\downloads\4d7fa891b5b79e7f95a862790fe6e95367fff458_0006537043 "c:\users\user\downloads\4d7fa891b5b79e7f95a862790fe6e95367fff458_0006537043"


							c:\users\user\downloads\2b79569787457a9920c4059204d72cc75e650240_0007264948 "c:\users\user\downloads\2b79569787457a9920c4059204d72cc75e650240_0007264948"


							c:\users\user\downloads\35df20a1c4db379078f8144a603008e62ce30c5b_0006766971 "c:\users\user\downloads\35df20a1c4db379078f8144a603008e62ce30c5b_0006766971"


									c:\users\user\downloads\a82ea687187b7e7c66d2b2ee178094a1d122b78b_0006923940 "c:\users\user\downloads\a82ea687187b7e7c66d2b2ee178094a1d122b78b_0006923940"


									c:\users\user\downloads\f8b01640e2e6cbac648db79064ad6925076c1b7b_0007475466 "c:\users\user\downloads\f8b01640e2e6cbac648db79064ad6925076c1b7b_0007475466"

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Adware.MediaInstaller.D

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Files Modified

Files Modified

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

Up-to-Date Method to Block Computer Viruses is Revealed

ExportMasters

Notifygear.com

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen