
GorillaPrice

By Sumo3000 in Adware

Threat Scorecard

Ranking: 10,230
Threat Level: 50 % (Medium)
Infected Computers: 43,332
First Seen: August 1, 2013
Last Seen: September 5, 2023
OS(es) Affected: Windows

GorillaPrice is a browser add-on that gives Internet users a variety of coupons, savings, and offers. GorillaPrice is beneficial to many online shoppers because it helps them save money through numerous deals and coupons. However, security researchers identify GorillaPrice as an adware program. Many computer users do not know how GorillaPrice got onto their PC, which is why some of them refer to it as the GorillaPrice Virus. GorillaPrice usually comes packaged with freeware or shareware applications.

Once GorillaPrice is on the affected PC, it shows intrusive pop-up advertisements on the desktop of the computer. These advertisements pose a risk to the compromised PC if the computer user clicks on their links. Scammers are using unidentified services such as GorillaPrice to deliver a variety of malware threats to victimized computers. Cybercrooks also use GorillaPrice to make money from click fraud. In addition, GorillaPrice records the user's browsing activities in the compromised Internet browser: it tracks the victim's browsing habits, the most visited websites, and the products the user searches for most often.

Aliases

12 security vendors flagged this file as malicious.

Anti-Virus Software Detection
AVG Generic6.PID
McAfee-GW-Edition RDN/Generic PUP.x!c2y
Comodo ApplicUnwnt
Avast Win32:Injector-COO [Trj]
Symantec Trojan.Gen.2
K7AntiVirus Adware ( 004bb5b41 )
Sophos Generic PUA NL
Symantec WS.Reputation.1
Avast Win32:Dropper-gen [Drp]
AVG Generic6.MGL
McAfee Artemis!F0095C66445B
McAfee-GW-Edition BehavesLike.Win32.BadFile.ch


File System Details

GorillaPrice may create the following file(s):

Registry Details

GorillaPrice may create the following registry entry or registry entries:
CLSID
{98168995-CA43-4c33-BE81-99E6694468A4}
Regexp file mask
%ALLUSERSPROFILE%\Microsoft\Windows\NetworkCacheMan\ntcache.exe
%ALLUSERSPROFILE%\Microsoft\Windows\NetworkCacheManager\ntcache.exe
%APPDATA%\Microsoft\Windows\UserChecker\uchecker.exe
%appdata%\Mozilla\Firefox\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}.xpi
Software\AppDataLow\Software\NetNucleous
SOFTWARE\GrillaPrice
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98168995-CA43-4c33-BE81-99E6694468A4}
SOFTWARE\Mozilla\Firefox\extensions\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}
Software\NetNucleous
SOFTWARE\Wow6432Node\GorillaPrice
SOFTWARE\Wow6432Node\GrillaPrice
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{98068995-CA43-4c33-BE80-99E6694468A4}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GorillaPrice
SOFTWARE\Wow6432Node\Mozilla\Firefox\extensions\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}
SYSTEM\ControlSet001\services\GorillaPrice
SYSTEM\ControlSet001\Services\GrillaPrice
SYSTEM\ControlSet002\Services\GrillaPrice
SYSTEM\CurrentControlSet\Services\GorillaPrice
SYSTEM\CurrentControlSet\Services\GrillaPrice

Directories

GorillaPrice may create the following directory or directories:

%ALLUSERSPROFILE%\GorillaPrice
%ALLUSERSPROFILE%\Microsoft\Windows\MKStat
%ALLUSERSPROFILE%\Microsoft\Windows\MKeeperStat
%PROGRAMFILES%\GrillaPrice
%PROGRAMFILES(X86)%\GorillaPrice
%PROGRAMFILES(x86)%\GrillaPrice
%PROGRAMFILES(x86)%\Windows Media Player\grillaprice
%ProgramFiles%\GorillaPrice

URLs

GorillaPrice may call the following URLs:

GPComponent
GorillaPrice
