
Adware.Multiplug.J

By CagedTech in Adware

Threat Scorecard

Popularity Rank: 7,644
Threat Level: 20 % (Normal)
Infected Computers: 1,314
First Seen: September 2, 2021
Last Seen: April 6, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Adware.Multiplug.J
Signature status: Modified signature

Known Samples

MD5: 435fec0540cfd8a13dad0dc4b5b7f6b4
SHA1: 541813c8dbbbcd0071e53eea41ce010184dfb244
SHA256: 8C3D30A8C30C4935E5C0E64CB7244C4FCFE96407A6C604F5235FD4917CA82FB2
File Size: 906.44 KB, 906440 bytes
MD5: bae9e718248508452f7e0c8a088efbd5
SHA1: 93486c2d3dd0c4393ed402b21538421a0c30a478
SHA256: F5FBFC731E0274B82A497B59504F81EC6F848CF3373694AD19F7D30DC5CC3277
File Size: 301.49 KB, 301488 bytes
MD5: 270c122ea18aa776c323ed5e03e44d81
SHA1: 2dd46193aebc67d5d34277710c0c4c24c49077a5
SHA256: 7EBDCFD534D25844F7D2E27190B670D3A0328ECE98EBB6049DF500DF2FCD9564
File Size: 7.41 MB, 7408752 bytes
MD5: 98102de4ac25b6735a23e28689111fa3
SHA1: b7e5276ad9a03edd04e6ecd09cea04048fff40fb
SHA256: 05A1658905C93C0EF33BEB84EFDC686D3806D6AD0B0463FCD836D18F847C5646
File Size: 323.21 KB, 323208 bytes
MD5: 3ef46f5d8311aca445d346490bda2dcd
SHA1: 7c7ce85f9cdf3d175dd46c0c95f2de7d8e370992
SHA256: 1B55735978FC4C7BB115C0BDE0C2C3E30AD57EA8788168C77CA671E62FA5333C
File Size: 513.02 KB, 513024 bytes
MD5: defd9ec5142156367279da312d0bd23d
SHA1: d38ea794ce8f6a28bf9b16c4627b883712b5c00e
SHA256: 360AEF85D68FF19951808C316A50144801EF0D0E521E7C464654463975673F34
File Size: 296.70 KB, 296704 bytes
MD5: c8b14fb112e099d0f9ba153314656b37
SHA1: 665db5aaa80ec2ad40c324f4372e92b8033b11b6
SHA256: B0BFA47543F8B37A95CC0F3622017B055A8AA1809C2FD72FFD7096BF33D3DB99
File Size: 297.66 KB, 297664 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
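
Every attribute in the list above is read from a fixed field in the PE headers. The Python below is a worked example added here; it is not code from this page or from any vendor's analysis tool. It shows where each attribute comes from: the DOS header's e_lfanew, the COFF Characteristics flags (IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_DLL), the Machine field, the optional header's Subsystem, and three data directories (an empty export directory is "doesn't have exports table", an empty certificate table is "doesn't have security information", an empty CLR header is "Native application (NOT .NET)"). It runs against a constructed, header-only PE32 produced by build_sample_pe (no bytes from the listed samples are embedded); the Rich-header check is the usual marker search, the parser handles PE32 only, and "not packed" is a section-name and entropy heuristic that this example does not attempt.

```python
import struct

# PE header constants (from winnt.h)
IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_FILE_DLL = 0x2000
IMAGE_NT_OPTIONAL_HDR32_MAGIC = 0x10B
IMAGE_SUBSYSTEM_WINDOWS_GUI = 2
IMAGE_SUBSYSTEM_WINDOWS_CUI = 3
DIR_EXPORT, DIR_SECURITY, DIR_COM_DESCRIPTOR = 0, 4, 14   # IMAGE_DATA_DIRECTORY indices
OPT_HDR32_SIZE = 224


def pe_attributes(data):
    """Derive the report's PE attribute list from the raw header bytes of a PE32 file."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    machine, _, _, _, _, _, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                                    # IMAGE_FILE_HEADER is 20 bytes
    if struct.unpack_from("<H", data, opt)[0] != IMAGE_NT_OPTIONAL_HDR32_MAGIC:
        raise ValueError("this example parses PE32 (32-bit) optional headers only")
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    n_dirs = struct.unpack_from("<I", data, opt + 92)[0]

    def dir_size(index):
        # Each IMAGE_DATA_DIRECTORY is (VirtualAddress, Size); a zero Size means "absent"
        if index >= n_dirs:
            return 0
        return struct.unpack_from("<II", data, opt + 96 + 8 * index)[1]

    return {
        # A Rich header, when present, sits between the DOS stub and the PE signature
        "rich_header": b"Rich" in data[0x40:e_lfanew],
        "exports_table": dir_size(DIR_EXPORT) != 0,
        "security_info": dir_size(DIR_SECURITY) != 0,       # Authenticode certificate table
        "is_32bit": machine == IMAGE_FILE_MACHINE_I386,
        "gui_application": subsystem == IMAGE_SUBSYSTEM_WINDOWS_GUI,
        "console_or_gui": subsystem in (IMAGE_SUBSYSTEM_WINDOWS_CUI, IMAGE_SUBSYSTEM_WINDOWS_GUI),
        "dotnet": dir_size(DIR_COM_DESCRIPTOR) != 0,        # CLR runtime header present
        "executable_image": bool(characteristics & IMAGE_FILE_EXECUTABLE_IMAGE),
        "is_dll": bool(characteristics & IMAGE_FILE_DLL),
    }


def build_sample_pe(dll=False, signed=False):
    """Constructed header-only PE32 (no sections, no code) with the report's attribute profile."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)                           # DOS header + empty stub, no Rich header
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    characteristics = IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
    if dll:
        characteristics |= IMAGE_FILE_DLL
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 0, 0, 0, 0,
                       OPT_HDR32_SIZE, characteristics)
    opt = bytearray(OPT_HDR32_SIZE)
    struct.pack_into("<H", opt, 0, IMAGE_NT_OPTIONAL_HDR32_MAGIC)
    struct.pack_into("<H", opt, 68, IMAGE_SUBSYSTEM_WINDOWS_GUI)
    struct.pack_into("<I", opt, 92, 16)                 # NumberOfRvaAndSizes: 16 directories, all empty
    if signed:
        # A non-empty certificate table is exactly what "has security information" means
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x1000, 0x800)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


def pe_attributes_from_file(path):
    """Read the head of a file on disk; typical e_lfanew values are well below 4 KiB."""
    with open(path, "rb") as f:
        return pe_attributes(f.read(4096))


if __name__ == "__main__":
    for key, value in pe_attributes(build_sample_pe()).items():
        print(f"{key:17} {value}")
```

Run it as-is to see the constructed file reproduce the report's profile, or call pe_attributes_from_file on a real installer; passing dll=True or signed=True to build_sample_pe shows which header field flips each attribute.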

Windows PE Version Information

Arguments: /x
Comments:
  • Win32 (x86) ANSI
  • Win32 (x86) ANSI Lib Rel
  • WinNT (x86) Unicode Lib Rel
Company Name:
  • Back To The Future Trading
  • BillP Studios
  • Premium
  • StarApp
  • Teddy App
  • Virtavia
Email:
  • ron@backtothefuturetrading.com
  • support@winpatrol.com
File Description:
  • Installer
  • Installer for StarApp
  • Installer for Teddy App
  • Installer for Virtavia Westland Merlin EH101 FS2004
  • Installer for WinPatrol
File Version:
  • 2014.7.3.1536
  • 2014.5.22.1809
  • 2013.7.4.1638
  • 2013.4.26.1824
  • 2012.8.22.1858
  • 2012.8.9.1543
  • 2010.12.30.2229
Internal Name: TSULoader
Legal Copyright:
  • Copyright © 1997- 2013 BillP Studios
  • Copyright © 2010 Back To The Future Trading
  • Copyright © 2010 Premium
  • Copyright © 2012 StarApp
  • Copyright © 2014 Teddy App
  • Copyright © 2014 Virtavia
Original Filename: TSULoader.exe
Package Code:
  • {5A355D86-1A57-64E1-C2D4-78914C75FC1D}
  • {9EFFE7FB-E3B9-44BF-A654-AB9B451CC50D}
  • {972C743E-5AC9-4474-A69F-12EB4CCF56C8}
  • {9150130D-192A-4C4C-59BC-3CC97BEE5661}
  • {CC5BA13C-F8B8-D52D-E3D4-FC85C8775041}
  • {D17A4653-5723-4482-E197-B54DB06FF3B6}
  • {F07920B3-ED40-E659-D0A0-E97DF455D1CE}
Product Code:
  • {4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}
  • {9F4F7131-B49B-4521-91DA-ECE2C1E54741}
  • {42D37A99-4C68-485D-9B61-A8394FD9D46E}
  • {6928E3EC-7A6D-4123-B305-70BFE8D56347}
  • {19355D02-0E24-4300-B23F-EC963C772066}
  • {78644CF7-0B71-4118-BE21-219D47D6BC9E}
Product Name:
  • FluxCapacitor
  • Setup
  • StarApp
  • Teddy App
  • Virtavia Westland Merlin EH101 FS2004
  • WinPatrol
Product Version:
  • 28.1.2013.0
  • 7.0.1000.1
  • 1.0.0.3
  • 1.0.0.1
  • 1.0
  • 1
Web Site:
  • http://www.BackToTheFutureTrading.com
  • http://www.winpatrol.com
  • www.virtavia.com

The version resources vary from sample to sample (six company names, six product names, seven package codes), while Internal Name and Original Filename take a single value, TSULoader and TSULoader.exe. Those two fields are the stable identifiers of this installer stub; Company Name and Product Name, which echo unrelated legitimate products, are not a basis for trusting the file.

Digital Signatures

Signer: BillP Studios
Root: AddTrust External CA Root
Status: Hash Mismatch (an Authenticode signature is present, but the hash it signs does not match the file, so the signature does not validate)

Signer: Rikoooo Simulation
Root: Rikoooo Simulation
Status: Self Signed (the chain ends in the signer's own certificate rather than a trusted root, so it carries no third-party assurance)

File Traits

  • HighEntropy
  • Installer Manifest
  • Installer Version
  • x86

Block Information

Total Blocks: 27
Potentially Malicious Blocks: 8
Whitelisted Blocks: 19
Unknown Blocks: 0

Visual Map

0 0 0 0 0 0 0 0 x x x x 0 0 0 0 0 0 x x x 0 0 x 0 0 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Brute.DD
  • Multiplug.J

Files Modified

Each path below is paired with the access rights requested when the installer opened it. Seven of the .log files are named <SHA-1 of the sample>_<its size in bytes, zero-padded to 10 digits>.log, one for each entry in the Known Samples list; the tsu*.dll helpers echo the TSULoader internal name from the version resource; each 8-hex-character .dat file sits next to an extraction directory of the same name (or a {GUID}) holding _setup.dll, setup.exe and setup.ico.

File    Access rights requested
c:\users\user\appdata\local\temp\2dd46193aebc67d5d34277710c0c4c24c49077a5_0007408752.log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\39f456c6.dat Generic Write,Read Attributes
c:\users\user\appdata\local\temp\39f456c6.dat Synchronize,Write Attributes
c:\users\user\appdata\local\temp\39f456c6\_setup.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\39f456c6\_setup.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\39f456c6\readme.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\39f456c6\readme.txt Synchronize,Write Attributes
c:\users\user\appdata\local\temp\39f456c6\setup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\39f456c6\setup.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\39f456c6\setup.ico Generic Write,Read Attributes
c:\users\user\appdata\local\temp\39f456c6\setup.ico Synchronize,Write Attributes
c:\users\user\appdata\local\temp\541813c8dbbbcd0071e53eea41ce010184dfb244_0000906440.log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\665db5aaa80ec2ad40c324f4372e92b8033b11b6_0000297664.log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\7c7ce85f9cdf3d175dd46c0c95f2de7d8e370992_0000513024.log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\93486c2d3dd0c4393ed402b21538421a0c30a478_0000301488.log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\9a0ee864.dat Generic Write,Read Attributes
c:\users\user\appdata\local\temp\9a0ee864.dat Synchronize,Write Attributes
c:\users\user\appdata\local\temp\9a0ee864\_setup.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\9a0ee864\_setup.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\9a0ee864\setup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\9a0ee864\setup.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\9a0ee864\setup.ico Generic Write,Read Attributes
c:\users\user\appdata\local\temp\9a0ee864\setup.ico Synchronize,Write Attributes
c:\users\user\appdata\local\temp\a0e5becc.dat Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a0e5becc.dat Synchronize,Write Attributes
c:\users\user\appdata\local\temp\a0e5becc\_setup.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a0e5becc\_setup.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\a0e5becc\readme.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a0e5becc\readme.txt Synchronize,Write Attributes
c:\users\user\appdata\local\temp\a0e5becc\setup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a0e5becc\setup.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\a0e5becc\setup.ico Generic Write,Read Attributes
c:\users\user\appdata\local\temp\a0e5becc\setup.ico Synchronize,Write Attributes
c:\users\user\appdata\local\temp\b7e5276ad9a03edd04e6ecd09cea04048fff40fb_0000323208.log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\c4007a36.dat Generic Write,Read Attributes
c:\users\user\appdata\local\temp\c4007a36.dat Synchronize,Write Attributes
c:\users\user\appdata\local\temp\d38ea794ce8f6a28bf9b16c4627b883712b5c00e_0000296704.log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\e1a9cbae.dat Generic Write,Read Attributes
c:\users\user\appdata\local\temp\e1a9cbae.dat Synchronize,Write Attributes
c:\users\user\appdata\local\temp\edb2160c.dat Generic Write,Read Attributes
c:\users\user\appdata\local\temp\edb2160c.dat Synchronize,Write Attributes
c:\users\user\appdata\local\temp\f83929b2.dat Generic Write,Read Attributes
c:\users\user\appdata\local\temp\f83929b2.dat Synchronize,Write Attributes
c:\users\user\appdata\local\temp\tsu-15c0.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\tsu-15c0.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\tsu-1b1c.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\tsu-1b1c.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\tsu14226d7e.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\tsu14226d7e.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\tsu97adab2d.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\tsu97adab2d.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\tsub82a4529.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\tsub82a4529.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\tsube747b71.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\tsube747b71.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\tsuf548bf2b.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\tsuf548bf2b.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\_setup.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\_setup.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\custom.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\custom.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\readme.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\readme.txt Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\setup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\setup.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\setup.ico Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\setup.ico Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{3bd77441-8ce2-c555-f3ac-88df3ffb853c}\_setup.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{3bd77441-8ce2-c555-f3ac-88df3ffb853c}\_setup.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{3bd77441-8ce2-c555-f3ac-88df3ffb853c}\_setupx.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{3bd77441-8ce2-c555-f3ac-88df3ffb853c}\_setupx.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{3bd77441-8ce2-c555-f3ac-88df3ffb853c}\setup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{3bd77441-8ce2-c555-f3ac-88df3ffb853c}\setup.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{3bd77441-8ce2-c555-f3ac-88df3ffb853c}\setup.ico Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{3bd77441-8ce2-c555-f3ac-88df3ffb853c}\setup.ico Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{cbd8102b-c1ec-57cc-6135-c5d1cff4e156}\_setup.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{cbd8102b-c1ec-57cc-6135-c5d1cff4e156}\_setup.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{cbd8102b-c1ec-57cc-6135-c5d1cff4e156}\_setupx.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{cbd8102b-c1ec-57cc-6135-c5d1cff4e156}\_setupx.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{cbd8102b-c1ec-57cc-6135-c5d1cff4e156}\setup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{cbd8102b-c1ec-57cc-6135-c5d1cff4e156}\setup.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{cbd8102b-c1ec-57cc-6135-c5d1cff4e156}\setup.ico Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{cbd8102b-c1ec-57cc-6135-c5d1cff4e156}\setup.ico Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\_setup.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\_setup.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\custom.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\custom.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\readme.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\readme.txt Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\setup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\setup.exe Synchronize,Write Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\setup.ico Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{e7421af6-1602-4334-a1df-5e203ca13800}\setup.ico Synchronize,Write Attributes
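
Two parts of this report convert directly into a triage check: the Known Samples hash table, and the %TEMP% naming patterns in the listing above (the .log named after the sample's SHA-1 and byte size, the tsu*.dll helpers, and the 8-hex .dat file beside an extraction directory of the same name or a {GUID}). The Python below is an added example, not part of the report and not a vendor tool. It embeds the page's hash table, runs the name patterns over an excerpt of the listed paths plus one constructed .log whose SHA-1 is not in the table (labelled in the code), and provides hash_bytes and lookup_sample for checking a suspect file's content against the table. The regular expressions are my generalizations of the listed names, not published signatures.

```python
import hashlib
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Known samples as listed on this page: (MD5, SHA-1, SHA-256, size in bytes)
KNOWN_SAMPLES = [
    ("435fec0540cfd8a13dad0dc4b5b7f6b4", "541813c8dbbbcd0071e53eea41ce010184dfb244",
     "8c3d30a8c30c4935e5c0e64cb7244c4fcfe96407a6c604f5235fd4917ca82fb2", 906440),
    ("bae9e718248508452f7e0c8a088efbd5", "93486c2d3dd0c4393ed402b21538421a0c30a478",
     "f5fbfc731e0274b82a497b59504f81ec6f848cf3373694ad19f7d30dc5cc3277", 301488),
    ("270c122ea18aa776c323ed5e03e44d81", "2dd46193aebc67d5d34277710c0c4c24c49077a5",
     "7ebdcfd534d25844f7d2e27190b670d3a0328ece98ebb6049df500df2fcd9564", 7408752),
    ("98102de4ac25b6735a23e28689111fa3", "b7e5276ad9a03edd04e6ecd09cea04048fff40fb",
     "05a1658905c93c0ef33beb84efdc686d3806d6ad0b0463fcd836d18f847c5646", 323208),
    ("3ef46f5d8311aca445d346490bda2dcd", "7c7ce85f9cdf3d175dd46c0c95f2de7d8e370992",
     "1b55735978fc4c7bb115c0bde0c2c3e30ad57ea8788168c77ca671e62fa5333c", 513024),
    ("defd9ec5142156367279da312d0bd23d", "d38ea794ce8f6a28bf9b16c4627b883712b5c00e",
     "360aef85d68ff19951808c316a50144801ef0d0e521e7c464654463975673f34", 296704),
    ("c8b14fb112e099d0f9ba153314656b37", "665db5aaa80ec2ad40c324f4372e92b8033b11b6",
     "b0bfa47543f8b37a95cc0f3622017b055a8aa1809c2fd72ffd7096bf33d3db99", 297664),
]
BY_SHA1 = {s[1]: s for s in KNOWN_SAMPLES}

# %TEMP%\<SHA-1 of the installer>_<file size, zero-padded to 10 digits>.log
INSTALLER_LOG = re.compile(r"^([0-9a-f]{40})_(\d{10})\.log$", re.I)
# %TEMP%\tsu<hex>.dll or tsu-<hex>.dll (TSULoader helper DLLs)
TSU_DLL = re.compile(r"^tsu-?[0-9a-f]{4,8}\.dll$", re.I)
# %TEMP%\<8 hex>.dat, and an extraction directory named <8 hex> or {GUID}
STAGE_DAT = re.compile(r"^[0-9a-f]{8}\.dat$", re.I)
STAGE_DIR = re.compile(r"^([0-9a-f]{8}|\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\})$", re.I)


def hash_bytes(data):
    """(md5, sha1, sha256, size) for a file's content, in the table's column order."""
    return (hashlib.md5(data).hexdigest(), hashlib.sha1(data).hexdigest(),
            hashlib.sha256(data).hexdigest(), len(data))


def lookup_sample(hashes):
    """Return the known-sample row matching any one of md5/sha1/sha256, else None."""
    md5, sha1, sha256, _ = hashes
    for s in KNOWN_SAMPLES:
        if md5.lower() == s[0] or sha1.lower() == s[1] or sha256.lower() == s[2]:
            return s
    return None


def triage_temp_listing(paths):
    """Group %TEMP% artifacts by the naming patterns seen in this report's sandbox run."""
    found = {"installer_logs": [], "tsu_dlls": [], "stage_dats": [], "stage_dirs": defaultdict(set)}
    for p in paths:
        wp = PureWindowsPath(p)
        name, parent = wp.name, wp.parent.name
        m = INSTALLER_LOG.match(name)
        if m:
            sha1, size = m.group(1).lower(), int(m.group(2))
            known = BY_SHA1.get(sha1)
            found["installer_logs"].append({
                "sha1": sha1, "size": size,
                "known_sample": known is not None,
                # the embedded size must agree with the table, otherwise the name is a look-alike
                "size_matches": known is not None and known[3] == size,
            })
        elif TSU_DLL.match(name):
            found["tsu_dlls"].append(name.lower())
        elif STAGE_DAT.match(name):
            found["stage_dats"].append(name.lower())
        elif STAGE_DIR.match(parent):
            found["stage_dirs"][parent.lower()].add(name.lower())
    return found


TEMP = r"c:\users\user\appdata\local\temp"
SANDBOX_PATHS = [  # excerpt of this page's Files Modified list, plus one constructed unknown .log
    TEMP + r"\2dd46193aebc67d5d34277710c0c4c24c49077a5_0007408752.log",
    TEMP + r"\541813c8dbbbcd0071e53eea41ce010184dfb244_0000906440.log",
    TEMP + "\\" + "0" * 40 + "_0000001234.log",        # constructed: SHA-1 not in the table
    TEMP + r"\39f456c6.dat",
    TEMP + r"\39f456c6\_setup.dll",
    TEMP + r"\39f456c6\setup.exe",
    TEMP + r"\tsu-15c0.dll",
    TEMP + r"\tsu14226d7e.dll",
    TEMP + r"\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\custom.dll",
    TEMP + r"\{06f8ae38-0fa4-4239-a0d2-4786dd1b8cce}\setup.exe",
]

if __name__ == "__main__":
    result = triage_temp_listing(SANDBOX_PATHS)
    for log in result["installer_logs"]:
        print("installer log", log)
    print("tsu dlls  ", result["tsu_dlls"])
    print("stage dats", result["stage_dats"])
    print("stage dirs", dict(result["stage_dirs"]))
```

The name patterns are a cheap first pass over a live %TEMP% (they cost nothing and point at which files to hash); the hash lookup is the authoritative match, and a .log whose embedded SHA-1 or size does not agree with the table should be treated as an unknown variant rather than dismissed.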

Registry Modifications

Key::Value | Data | API
HKCU\software\microsoft\windows\currentversion\internet settings::receivetimeout |  | RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix |  | RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix | Cookie: | RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix | Visited: | RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass |  | RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname |  | RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet |  | RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect |  | RegNtPreCreateKey

All of these keys live under the user's Internet Settings hive and are the values WinINet and the URL security-zone manager create on first use (the Cookie: and Visited: cache prefixes and the ZoneMap values are Windows defaults). They corroborate the WinINet calls listed under Windows API Usage rather than indicating deliberate registry tampering; none of the recorded modifications is a Run key, service or browser-extension entry.

Windows API Usage

Category API
Service Control
  • OpenSCManager
User Data Access
  • GetUserName
  • GetUserObjectInformation
Network Wininet
  • HttpOpenRequest
  • HttpSendRequest
  • InternetConnect
  • InternetOpen
Network Info Queried
  • GetAdaptersInfo
