Awesome Dealers
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 19,682 |
Threat Level: | 10 % (Normal) |
Infected Computers: | 76,492 |
First Seen: | October 12, 2020 |
Last Seen: | March 8, 2024 |
OS(es) Affected: | Windows |
The Awesome Dealers software may be promoted to users as a shopping enhancer. The Awesome Dealers software can be found in free software packages and on hxxp://awesomedealers.com/index.html. You should note that the developers of the Awesome Dealers do not take responsibility for any content provided through their software. Additionally, PC users are not given the opportunity to specify the way how they would like to receive updates and notifications from the Awesome Dealers program. We have received complaints regarding the Awesome Dealers app in the first weeks of November 2017.
It appears that the behavior of the Awesome Dealers became somewhat aggressive and PC users were subjected to waves of spam messages, notifications, browser redirects, and notifications with marketing materials. There are cybersecurity researchers who classify the Awesome Dealers program as adware and a Potentially Unwanted Program (PUP). Lab tests have shown that the Awesome Dealers adware communicates with the following IP addresses:
162.255.119.250
52.84.64.153
54.230.0.159
54.230.0.224
54.230.0.234
54.230.0.30
54.230.0.80
As mentioned above, the Awesome Dealers adware is designed to deliver content from third parties to your screen. We have detected that the Awesome Dealers adware loads images, video, and text from the following URLs:
hxxp://artafric[.]com/boxd/renew.php?rand=13InboxLightaspxn.1774256418
hxxp://awesomesoftstohavealways[.]website/
hxxp://freshupdatestoinstallsafely[.]online/
hxxp://getnewadsforawesomsoft[.]online/
hxxp://setupupgrade45678safesystems[.]download/
hxxp://updatestoget4freealwaystoday[.]website/
hxxp://workingupdate247safesystems4you[.]download/
The data downloaded by the Awesome Dealers adware includes tracking cookies and persistent Web beacons. The resources loaded by the Awesome Dealers adware may be insecure and lead users to download riskware. The Awesome Dealers adware is reported to display pages colored in black that feature a button colored in green and suggest the user proceed with the download of promotional content. The files and pages presented by the Awesome Dealers are likely to be tagged by AV scanners as:
- HTML:Redirector-HQ [Trj]
- JS.Z.Agent.13385.Q
- JS/Techbrolo.A!Eldorado
- JS:Trojan.Cryxos.D461
- SupportScam:JS/TechBrolo.F
- Suspicious_GEN.F47V1109
- Trojan.HTML.FakeAlert
SpyHunter Detects & Remove Awesome Dealers
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | rlls64.dl_ | cc0d25ff5c41f46a59b592867765c62c | 13,392 |
2. | rlls.dl_ | f949546ac2c4c8b6da746f5ac00a9d01 | 6,342 |
3. | rlservice.exe | 40bc7aaacab71f603662590a0028e827 | 4,571 |
4. | rlservice.exe | 38b3c82edfc1839ff79a8832b56bcf2a | 4,052 |
5. | rlvknlg.exe | 4895963f5a029d03e1d81cb71ad4168b | 2,912 |
6. | rlvknlg32.exe | 629d3c19cd65593f518986d240aac735 | 2,848 |
7. | rlvknlg64.exe | d758f0f48ade788cf3ea60c6293c498a | 2,608 |
8. | rlvknlg.exe | 550737266503571619bc6ca939e4af6b | 2,563 |
9. | rlvknlg32.exe | f00d2b52edb5070c0ea683de04a0a954 | 2,421 |
10. | rlvknlg64.ex_ | 68d7324ba0773b18853916efcffce529 | 2,209 |
11. | rkinstaller.exe | cf8361bd4360c31db7ed331a3e855576 | 1,405 |
12. | rkverify.exe | 60db193bce83f05363c874fec9b310c5 | 669 |
13. | rkinstaller.exe | 53e0b8a1e570bae84ce2f72a1d889b81 | 522 |
14. | spt_setup.exe | 89c8796cd6169d14531791b7388bc0e9 | 291 |
15. | rlvknlg.exe | dedb374c58801ff2b6bb515c87720a93 | 38 |
16. | rlls64.dll | 5417f1ec92429ef41ed17eb5bbb4f249 | 38 |
17. | rlls.dll | b4a262f7a440a830de2fabc16327b5c4 | 37 |
18. | 3e632d7f0392251dd0b3049734163f5c_RKInstall_050620.exe | 3e632d7f0392251dd0b3049734163f5c | 35 |
19. | rlservice.exe | 34aff57d6f2f1c074573b7aaa573092a | 34 |
20. | rlvknlg32.exe | 3f128ed69207decf2fc07526f8dc656c | 31 |
21. | rlvknlg64.exe | fc1b0b7cd09b3f88a759f3b9a9ac3023 | 31 |
22. | PowerSoundEditorFree.exe | eed30fdf147ff30a24f2279d13e3bbe5 | 25 |
23. | FreeOCRtoWord.exe | 57595cf8580c67962475d19518572d49 | 24 |
24. | RKInstall_052919.exe | 76d1bc443d9a01e017783b9a96b6079b | 23 |
25. | rk_setup_EN.exe | 5f253092541445f2c54db1387cf2fa85 | 8 |
26. | uprkset.exe | 6a38c053466eab3656074f81ddc00d77 | 4 |
27. | rlph.dll | dab262f4d7d17676f9f80a28116f89e5 | 2 |
28. | rk_setup_EN.exe | fba926d9646ef2981f75d25ae3fe5d1a | 0 |