Adware.OpenSUpdater.FDF
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 2,739 |
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 603 |
| First Seen: | June 5, 2024 |
| Last Seen: | April 20, 2026 |
| OS(es) Affected: | Windows |
Table of Contents
Analysis Report
General information
| Family Name: | Adware.OpenSUpdater.FDF |
|---|---|
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
0b24594af803273542ea5e9967db3c4c
SHA1:
fe1f3cc6ba12ff7a8f9cb898ac6043e56cfff831
File Size:
614.26 KB, 614263 bytes
|
|
MD5:
e5f39598c31fca441d8b680ea0514d1e
SHA1:
99c5b69ab665adff56af505bf82dd230123d0566
File Size:
499.11 KB, 499106 bytes
|
|
MD5:
7ab8ef08dc03ae8ebae629ada0fb5f68
SHA1:
2ab86b037872fefa190b1d07abf80de46860eadf
File Size:
2.74 MB, 2744030 bytes
|
|
MD5:
6b2fb5cac9f748b5740f82f097523ba3
SHA1:
520e5835ba45477816ae9d9a011675ba262f2fbe
File Size:
466.75 KB, 466750 bytes
|
|
MD5:
23104d29ce5aa5ddea7d1b9d43a34b7f
SHA1:
2015fbb40fe5e295f07f39658975b8a2df1ed802
File Size:
527.00 KB, 526996 bytes
|
Show More
|
MD5:
0377a760c5de093a922762e6239cb0cc
SHA1:
97fd606fefb3ee05d6a359f4b326456844ccc7ba
File Size:
479.10 KB, 479102 bytes
|
|
MD5:
ac02c3ec64540ef6b1759c6b7c01eb3f
SHA1:
b4995ba16b05a4dbb8ab2b1bdb3bb17296ee5565
SHA256:
AA0AB9180BC3610D31772520D388E4AD0680AA88DCCD1AD923002CAF535083AF
File Size:
517.03 KB, 517032 bytes
|
|
MD5:
7e98cffef12af094a7f2d10079cdd2a1
SHA1:
99cb8d96e8f3c24affad441e01342f9842195186
SHA256:
33C0722F284920A3666C357EDFD18149303027393AAF5144FE160A52DED5B1D7
File Size:
501.89 KB, 501888 bytes
|
|
MD5:
dd4e915fe26ea1c8ab6051a246fdda60
SHA1:
cbea1a3457d27dc6c5d7beab9cf90604724dd8fb
SHA256:
A8EB4D738DAB75EDF4E05486291DC1ECFEF91CCCEEA4FE9C88408D0D2AD52469
File Size:
500.26 KB, 500261 bytes
|
|
MD5:
176cfcedca552389a95f1f8dcb084c1e
SHA1:
e7198007f0c99687bd46cb7c48bec6fc952c7c11
SHA256:
A95303225551DA7F7EDCC63BE5109869CA3F12C1A4932F93614D05B965CCA00B
File Size:
447.68 KB, 447675 bytes
|
|
MD5:
94d16e6e72a81abd82361e2ace144a61
SHA1:
ac06429555c5c6f0ece37dbe215377937702541f
SHA256:
700827B2E3265E31C79BBD4D97FC3FC847AD1BED7E883AA2DBA19B0B4D43FB72
File Size:
493.96 KB, 493965 bytes
|
|
MD5:
0c8cc7307aa19a314e873e8bbe7f2212
SHA1:
d2e34fc211aab8e361c2e7258ab445f7ff952691
SHA256:
77C1C87F914E92D7DF9DAE7B0123A8E66A603D678E6CC7CA3BD90AD2443977D7
File Size:
515.14 KB, 515136 bytes
|
|
MD5:
b26d92551443c4aa50e5d35ad9d2c5b3
SHA1:
35750e3344810289e94f4902d63e88e092fd2579
SHA256:
F699F8B10D6E647DD4875FC93E7DD36EE763E1BBFDADA38BCB9FE8738323CF36
File Size:
523.24 KB, 523238 bytes
|
|
MD5:
4171ae4e281fc4d1c0041f9bedca7011
SHA1:
a594e0fe48209fd814d55c853e27699b2a5b9584
SHA256:
E6D19F7A48E8A76F6863B06B81E19A20A3F0C53841DE795BD28F1133B6123502
File Size:
556.97 KB, 556970 bytes
|
|
MD5:
c065601966d87fa646c70b0ca7ddd577
SHA1:
fcce456961b487c94e8ae74edd61577c8139f8b6
SHA256:
621B242CDD80B080F17610CBB15CC521840701ABA4A4FF398313FF93EF50CA43
File Size:
1.07 MB, 1070383 bytes
|
|
MD5:
cd85cd62ba3fbc73d7668c4520025e69
SHA1:
9c6a4e8364af10fd6465f887f9630c911f0dede3
SHA256:
F81E210EC101B998A7FD2884B571B56D17C0B45AE80F2DA2DE6A3E930A705837
File Size:
577.53 KB, 577534 bytes
|
|
MD5:
dabc790397fb09b33376f631d484e903
SHA1:
3561e3cc80f3781617c6feab7db17d0c351585a7
SHA256:
F043CCA8D7E2EAAAE33E0F6EC0CA5ECB30B55FBA730109AAAAB9B07EB6B1729A
File Size:
919.58 KB, 919576 bytes
|
|
MD5:
39fecbb3822576a92fd5f4ef0db786e8
SHA1:
a4ed39f2eaa5749530dab0d8bd1b6f0f1343f7b9
SHA256:
40FD1F1E98FFD0A918522882AD6C6A5B848DCFE01B45628BF3ADA59562E11AE0
File Size:
449.30 KB, 449297 bytes
|
|
MD5:
0ce01480f4d4210ba2fec9664d834a3d
SHA1:
57de37068820e936072b5dcd760064e43ab9bef9
SHA256:
2EA40C1D585AE8C2FA4FEDA24FDE422854042E1D83489337205E36616A331D27
File Size:
1.86 MB, 1855515 bytes
|
|
MD5:
88df3c9752f947de6f6c4e1db636a170
SHA1:
9587ba5e0ec5af56998f22e63b111c267d27ab3d
SHA256:
BF0E92458F27D4975AFD783F44A32B3AAE524E59C6D58F1FEDA85270A24CB34A
File Size:
523.86 KB, 523860 bytes
|
|
MD5:
6096f9b45441c1fd33cb92ae7ecc9a17
SHA1:
4122081c08e577a797cdd366d4f9fd9ae1b7719d
SHA256:
4070440CA9F62EB66ACF3C4ADD437FBB985AD07B90C721AB81AFC0CAD242D00B
File Size:
485.81 KB, 485815 bytes
|
|
MD5:
27798beb0ac77fc61b44b9b0bd7de017
SHA1:
534db000f3524f5824e8c6e502147d8b7aab4555
SHA256:
81615590947D42443A2CFFE9B70EB6EBF25046B613332340AB0025E8330796E9
File Size:
1.27 MB, 1271128 bytes
|
|
MD5:
c4ce5f7b85d5db9e4d78e2bec9461b8d
SHA1:
c71a675bca8e82ccaee3cf2c851814d43a344f59
SHA256:
C4390ED1E45C1274A3E5C321226F4B63C3F8E3B05647F02A15945D6F40F12381
File Size:
490.51 KB, 490515 bytes
|
|
MD5:
b11f9328a5607a15a562a7884964cb20
SHA1:
c158064dbc84b15710e37ab6d5f52b82b6c1a633
SHA256:
8DFEB0E6CCE7E05EF6873A747212F8FB379CB1C2F011323408BEEB51CE4EDB4C
File Size:
497.22 KB, 497224 bytes
|
|
MD5:
10ead752518562275eeed7897e6b7d20
SHA1:
90af5deeeb526e3ea317577145c6c62b555fa811
SHA256:
7762CE4D736CF84C27633ED07C061EC13190E7BF516A8CD5DA5B3A49902026C9
File Size:
568.36 KB, 568362 bytes
|
|
MD5:
9ade13df480ad55649032cb31502760d
SHA1:
bb3ba381ed3352369339ed86ff2007027a7f942a
SHA256:
44191D18A6F99E58E073B08978E429AD4B09B269B714B4526C4D620A4689F3C8
File Size:
478.98 KB, 478976 bytes
|
|
MD5:
5630fcd4c7f7568bc889d463913994a1
SHA1:
3d9a1ae58fe8e1f12eb319ecd6be9a372869af00
SHA256:
5255543F1073384D7B555C56AD7FDA19E8BD37C77B2FDB59218B2D9D10F78E56
File Size:
498.09 KB, 498093 bytes
|
|
MD5:
4681c5875a828d62fa98e381eba8b387
SHA1:
2a28f6b39086695c20e2e9a929d7f1fc205f827d
SHA256:
52F06525D5EA0D39727AAB5CD088E116534D46D603287321722F524FC67C6923
File Size:
447.68 KB, 447675 bytes
|
|
MD5:
d83577ffd61a83301694d60e61306718
SHA1:
90973b1ad3cee3c2818384b7b78ee34414f09471
SHA256:
C1AF2028235B527D44F1CC59E896F981FB62093CD32408BE3306907B244DD580
File Size:
514.43 KB, 514434 bytes
|
|
MD5:
c53531c51520ddac1e01cb5cc6e0e59a
SHA1:
7b423ffc89db135695eb3379afb8d5f3d1d2af38
SHA256:
9C293269D4E80471009BB676A8A4E5D5297E79AF2226765D3E6588D07031B0F3
File Size:
455.64 KB, 455639 bytes
|
|
MD5:
d6e506ec073f18090d1aaeef3bf2eb0e
SHA1:
cffd3d2e591c63f3f3330051602fec8f40bfa0e1
SHA256:
C389C6E3D8155815C93238528DF4670CE1DC16383054E208723CE2D928A00C74
File Size:
522.42 KB, 522423 bytes
|
|
MD5:
d169936d60d37cb8d6a0cf531b444959
SHA1:
67ab77e37cba323ae7a17ee7b844408f7837bab1
SHA256:
CD389FACCEB75734265C830550AD57A1E0ED00C175F7F19225E55192F56FB7E0
File Size:
450.94 KB, 450939 bytes
|
|
MD5:
c559c76f70288a83f829a97b1b6bdca0
SHA1:
de9abaface84b3b04a8f70f63ad16183ee3af7b5
SHA256:
DA2D7341CEFB3488274B107C48F0BB41E22C85797BF8BA83B4385875E15DDA8A
File Size:
630.09 KB, 630085 bytes
|
|
MD5:
163c2fb146b0e7588d792c7ad8e33b57
SHA1:
1c16af8b3c6e7177bb20bdd22e5fadbc61193ed5
SHA256:
7E0A3B117B00C5A980ED8395F00D27FD01F699FA420F955CBC1DF8F3FD1364AB
File Size:
573.12 KB, 573115 bytes
|
|
MD5:
6c896ee6865f5d56e9746e6505bb2fd4
SHA1:
2bd96f119d6f8bbdc7a387d2d26508600a0023fa
SHA256:
59CFDE7E0FD8E5D61C60EB15F863A5600176784165505147B5802CF3A7482F49
File Size:
4.23 MB, 4232707 bytes
|
|
MD5:
a3e96c655b804318fca22b0eb1dba2e6
SHA1:
7b9f41b4ab26b56a7e8653cf12642bbce03a335e
SHA256:
CADA3BC01E5F92F47345A97B6E8B3C1973C981D20FE1A9CB8621D8823D93C383
File Size:
461.74 KB, 461742 bytes
|
|
MD5:
8fada5dc81a3225f9a3e967e54571799
SHA1:
dbc9024eb1c2809ad9b5226444e3e9b2c332fa0c
SHA256:
5BDE6CAFA417F4C284DDF461927025FB8CE7C87F4FD4EEE5A2D5D39A57A842FF
File Size:
494.04 KB, 494037 bytes
|
|
MD5:
d5fa879145f722a7ff2b0f9a1e50489c
SHA1:
3d5bb6b37eb90ade62ea97bf4d935b7be619915d
SHA256:
B782DEC0DB2E05759E5CF308D179483D54AEB99132F14C80BC43C222CB9932C6
File Size:
523.24 KB, 523238 bytes
|
|
MD5:
20cc18acda31b61d66f18e8dfbc3aabd
SHA1:
dd3279d9272dce9f3e754bec904b868cfdd9ca68
SHA256:
3E4DF2A8A4675899B62B9A0C1B8FD7416794A5F24B4F2DB30FB82418876FC695
File Size:
2.35 MB, 2348398 bytes
|
|
MD5:
cad60406e28edc62ef96f11574459dbf
SHA1:
dc66857fcee267978803cfb2464b6fb28bc7e0d3
SHA256:
1EB2C129F1764747B1130DFD82D090A2B9EA67DECCD200A6BB0AB454D038345F
File Size:
461.60 KB, 461598 bytes
|
|
MD5:
cc925f983530daf1c15f0dc4d0cd5447
SHA1:
392d41817b16106b3570fe858b5f2d49b5077c0b
SHA256:
BA3FA32F687BE7282E1FE019B71443C372918132CCC08B8BA5B0238C37F3B582
File Size:
513.04 KB, 513039 bytes
|
|
MD5:
27058485a0cf4655046a931cc47dcaa5
SHA1:
90018692e67f65bc6be6eaedf70d91f2f2104a7d
SHA256:
5F81F40B667530A2D90A113A1D9091DF1F132052770A6E41EF12F414FF8785AE
File Size:
503.05 KB, 503045 bytes
|
|
MD5:
b5fdae29a3f8c3f8a641ecae597b823c
SHA1:
3612f249ae5abfba4d65c28b9edf5200030a718e
SHA256:
6C875E2B62E2FB132312BA660852A6A87C1C25CA1084B4BE1D028AC1B7C6F3BC
File Size:
1.83 MB, 1827074 bytes
|
|
MD5:
4d68f9c0cc920b186fa45f203ce45db2
SHA1:
4e588cb8f16454597ff40e867f1994ab0f106197
SHA256:
C831787FAA2CD6CDECE862B1FD99E00393DBE849D8541146DBDDEFDB7CF3E728
File Size:
506.19 KB, 506195 bytes
|
|
MD5:
3d2ae2fd096e68a8ca308ce215ab7dd6
SHA1:
07e5af46e5d94e751ce36c054d225111a86bac27
SHA256:
012DD7097E2FCD93CA28332281C5358E7F783276DC48DF0242EA23597D850341
File Size:
452.07 KB, 452071 bytes
|
|
MD5:
2165b6207365ffb7ab06b67f6a941ccc
SHA1:
82d895956c867a438b6e6741a4e0ab431fb3000a
SHA256:
EBD4B61E27C9E54D6F8964F5467C0BAB379CF8E2844919CBC11845461466D771
File Size:
487.89 KB, 487895 bytes
|
|
MD5:
a0279d4ace803150d3e92947b46dc7bf
SHA1:
c71f1ef1c49f6798cfdee813b03185776a08387c
SHA256:
B311DFA3EB48EDF6598230466A6CC6627342F25813228E99A6286D7BBC0EE934
File Size:
451.66 KB, 451663 bytes
|
|
MD5:
f0b67af564d9457a17dd902cd6e909e6
SHA1:
29512092d11fa4340a4eeedd842c891cdbcd89b7
SHA256:
A8DCE44F2072B127AAEBED4AB7B22DA1180DE72D68B88A6231AF6BA3972BA637
File Size:
498.09 KB, 498093 bytes
|
|
MD5:
edb8bfc30880c504f09380b10b43f30e
SHA1:
76f4bbc42bc3052f213dc2eabbf759c5ef027b9b
SHA256:
3521EE4F47EEA4974C4CBA6D91EF2706B8135E7A2A520BBA7D0F12D9B751BCF9
File Size:
488.67 KB, 488670 bytes
|
|
MD5:
17d9e5a7a39a844a8ab98c52cb6c7b45
SHA1:
bf49ad4c66959ea2f80517d6434f960f0cde3899
SHA256:
066BCA8CA43E312A14AFB0DA26FC856F8A97ED578690D4F871D1D53B7AF6E085
File Size:
513.39 KB, 513393 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have exports table
- File doesn't have security information
- File has TLS information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
Show More
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
File Traits
- big overlay
- No Version Info
- x86
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 488 |
|---|---|
| Potentially Malicious Blocks: | 31 |
| Whitelisted Blocks: | 457 |
| Unknown Blocks: | 0 |
Visual Map
0
0
0
0
0
0
0
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
0
x
x
x
0
0
x
0
0
x
x
0
x
x
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
0
0
1
1
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
1
1
0
2
1
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
0
3
1
1
2
0
1
0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block
? - Unknown Block
x - Potentially Malicious Block
Similar Families
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.- Agent.AIZA
- Agent.AN
- Agent.ANH
- Agent.GDFK
- Agent.TJR
Show More
- Farfli.PC
- Kryptik.CBS
- Redline.CE
- Trojan.Agent.Gen.BEV
- Trojan.Kryptik.Gen.DGK
- Trojan.ShellcodeRunner.Gen.CL
- Trojan.ShellcodeRunner.Gen.LT
