PUP.ProudBrowser.A

Analysis Report

General information

Family Name: PUP.ProudBrowser.A
Signature status: Root Not Trusted

Known Samples

MD5: 94d36d75f9e585822240b2852e22bf0b
SHA1: c4dc57688aa69f5fd5637d5ae7695561fc3fe69e
SHA256: F0C07363B44F90EDED8EAFFA6678EF98132485975136CEF294A32DDA560E210C
File Size: 2.96 MB, 2958728 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have relocations information
  • File has exports table
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Comments: This installation was built with Inno Setup.
Company Name: Ramadutha Software Services
File Description: ProudBrowser Setup
File Version: 1.0.1.0
Legal Copyright: Ramadutha Software Services © 2021
Product Name: ProudBrowser
Product Version: 1.0.1.0

Digital Signatures

Signer: Ramadutha Software Services
Root: USERTrust RSA Certification Authority
Status: Root Not Trusted

Files Modified

File | Attributes
c:\users\user\appdata\local\temp\is-msenu.tmp\c4dc57688aa69f5fd5637d5ae7695561fc3fe69e_0002958728.tmp | Generic Write, Read Attributes
c:\users\user\appdata\local\temp\is-u0him.tmp\_isetup\_isdecmp.dll | Generic Read, Write Data, Write Attributes, Write Extended, Append Data
c:\users\user\appdata\local\temp\is-u0him.tmp\_isetup\_setup64.tmp | Generic Read, Write Data, Write Attributes, Write Extended, Append Data
c:\users\user\appdata\local\temp\is-u0him.tmp\proudbrowserplugin.dll | Generic Write, Read Attributes

Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix Cookie: RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix Visited: RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
Show More
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKLM\software\wow6432node\proudbrowser::ss RegNtPreCreateKey
HKLM\software\wow6432node\proudbrowser::mp qa7tOYIHgSzIhcOs+AbVOxe4uehvALBg9wTALxls9D4fS31WTlVZXcJeIuhZqmJyhRtlgNgrj9gkmiwasbOUP+2zDbiyCfQsD9jYCN49Ims= RegNtPreCreateKey

Windows API Usage

Category: Process Shell Execute
  • CreateProcess
Category: User Data Access
  • GetUserObjectInformation
Category: Keyboard Access
  • GetKeyState
Category: Network Wininet
  • HttpOpenRequest
  • HttpSendRequest
  • InternetConnect
  • InternetOpen

Shell Command Execution

"C:\Users\Nefavqwz\AppData\Local\Temp\is-MSENU.tmp\c4dc57688aa69f5fd5637d5ae7695561fc3fe69e_0002958728.tmp" /SL5="$30238,1966422,843264,c:\users\user\downloads\c4dc57688aa69f5fd5637d5ae7695561fc3fe69e_0002958728"