Marketing Text Ads
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 24,241 |
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 120 |
| First Seen: | March 31, 2016 |
| Last Seen: | January 28, 2026 |
| OS(es) Affected: | Windows |
In-text advertisements are a way of site owners to promote service and products that are related to their content, and that may be helpful. However, in-text advertisements might be injected by a third-party application on the visitor's PC and more often than not that may be caused by adware. Security analysts alert that the Marketing Text adware is specialized in injecting in-text ads and displaying pop-ups with interactive promotions powered by the Adobe Flash animation. The Marketing Text adware may be offered to users as a shopping companion and search optimizer for online stores like Amazon, eBay, Best Buy and Alibaba. The Marketing Text adware may be delivered to users via free software bundles. It is important to note that the primary objective of the Marketing Text adware is to generate maximum affiliate marketing revenue, and Marketing Text may cover your desktop with numerous advertisements. Security analysts report that the Marketing Text adware is similar to Newzio and Microengine and may run as a portable program from the hidden AppData folder on the system drive.
The commercials from Marketing Text may feature the slogan 'Powered by{{markeiting_text}}' and appear on your new tab page and every page you open with Google Chrome, Internet Explorer and Mozilla Firefox. Additionally, the Marketing Text adware may welcome users to provide their email addresses and phone numbers to receive real-time updates on upcoming promotions, discounts and coupons. You should not provide your personal contact details to the Marketing Text to avoid spam mail and phishing messages. The Marketing Text adware may use executable DLL files to alter the way your Web browser renders pages and load insecure content. The Marketing Text adware may attach a browser plug-in to avoid being blocked by ad blocking extensions. By being integrated into your browser, the Marketing Text may prove elusive to uninstall, and users may experience browser crashes while attempting to delete the Marketing Text adware manually. Fortunately, you could install a trusted anti-spyware instrument to take care of the Marketing Text adware and prevent security problems.
Table of Contents
Analysis Report
General information
| Family Name: | Adware.Linkury.BB |
|---|---|
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
415a379354b2d0062059ac2e997ef350
SHA1:
67cb124e407af9b4689721732fa6887c3fc2d820
SHA256:
DBBCF34FD19DC1DBDE703910397CED022CD287F2F883E3E633346E0269FF73A2
File Size:
939.01 KB, 939008 bytes
|
|
MD5:
373d1f240486d7dc0c60d08c4fc19258
SHA1:
c5f20ad24fe47c65df023cab49ece3210524459c
SHA256:
DDCE2E683BD7A6C69E065FCF16BBDA3EF78184475BEC1FFAF9BD03E344F95C64
File Size:
941.57 KB, 941568 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have security information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
Show More
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Traits
- HighEntropy
- No Version Info
- x86
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 444 |
|---|---|
| Potentially Malicious Blocks: | 32 |
| Whitelisted Blocks: | 395 |
| Unknown Blocks: | 17 |
Visual Map
? - Unknown Block
x - Potentially Malicious Block
Windows API Usage
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.| Category | API |
|---|---|
| Process Manipulation Evasion |
|
| Thread Create Remote |
|
