hemen deneyelim
LİG TV İZLEME PROGRAMI
- Konbuyu başlatan Brat Child
- Başlangıç tarihi
https://www.virustotal.com/tr/url/4...29dc890b0c3c52a2da428e51/analysis/1484236106/
birkaç antivirüs teklikeli görüyor...
Mediaget daha çok Adware kategorisine giren bir tehlikeli...
şimdi analiz yapıyorum...
connection
(protocol: HTTPS/1.1) C:\ejeaaf\fbrhv.exe (v. 1.0.0.0) 193.0.201.102 : 443
send https://install.mediaget.com/ind... Mozilla/4.0 (compatible; MSIE 6....
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
282 bytes
\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\823DF37C8C583AB09B96F976F1B549F012849D68
process C:\ejeaaf\fbrhv.exe (v. 1.0.0.0)
valueType REG_BINARY
value Blob
valueDataSize 1559
data
0f0000000100000020000000ad11d73c908d33ccbf0b8a73043233f462ba8abda04ad5a1701bedf04d9b71f4030000000100000014000000823df37c8c583ab09b96f976f1b549f012849d682000000001000000bf050000308205bb308203a3a003020102020101300d06092a864886f70d01010b0500306b310b30090603550406130255533110300e06035504070c075265646d6f6e64311e301c060355040a0c154d6963726f736f667420436f72706f726174696f6e312a302806035504030c214d6963726f736f66742043657274696669636174696f6e20417574686f726974793022180f32303136313231333135353134315a180f32303236313231313135353134315a306b310b30090603550406130255533110300e06035504070c075265646d6f6e64311e301c060355040a0c154d6963726f736f667420436f72706f726174696f6e312a302806035504030c214d6963726f736f66742043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a0282020100aa77be9a7a77349bcdd01346a2594c67348ba7b7cfd20177a19ef8db1ef09600b7e851f2db7c5a90b933480d1b60e51e2ddd7ab35fc873c723f1de955b360a3b1b21e170ae3ac615bd50fcc863a043e8d87eef6c6801bcd51fc01940d8aba02ef2f629598c18463aa2c23c5ffa7b46c95ef29e3c0405637d15000b1acfde6d7f641d16c4c178d4f96ce4d536f47a35e60976ded21eb248f804bb1045bde62d2bcd45aa1f70d27a5ed7ff36d0d08791a33b46f333ab527e2787fa6a463b19c2c36ec28cc63a845a5688fda515761369bdde0b6ade9e95359b2e2b3eed75f357ecb9d554cc59aa913412ea303ad8d3e16f1d7a944adbbcc92df432f2dc4d68bb06e79f7fb3ddb20906875c5d4662caa86dfccbe94f698b4cec0eb799ab637e33fe2e1ce32c7facb51ed521f80c748fa6297194003e0ebe8a63ccc4433c1d29fdd36e439ca7ffb4189c9b74ac1dc9dee0435abdbb6d90685d37a56f3dc57e70758b080d188371f9e44699f3bde3d2de4230b92931130f6d2b132ff8a504ebf67be8544b5e17654df924cf28983d9dfc80f8c4755032350d0d8f94f13947056f22174814d20e849233da02b885d1f56e78c5c8bdc9c6584b8db9a2b7ba1cab88209776b72b1e105f0504782e1446ccec3a7cb7329c045e951e2a9bd65e8fa340fa69a8b44ff0f876c7b9c37d000ab53784cad00fa51fee4e730a40bcfbf8195bdaa10203010001a366306430120603551d130101ff040830060101ff020100300e0603551d0f0101ff040403020106301d0603551d0e04160414833d01f4092ca984cb8ac7c013c84c6ae5f46acb301f0603551d23041830168014833d01f4092ca984cb8ac7c013c84c6ae5f46acb300d06092a864886f70d01010b050003820201001ca8b47394bf560b85e6eea2104a4132e10d3dac8c3d2415400e481751be68d89b23a7e6d7f2413009b8cb0e4477919a7cf97466ce38ed4938a8b6851e703b9531bbb88c7f79013b7d26818f99554d4f960bf9f25b26dd61de4f36eeeb25a2a3e9b2416e34f4356c01e8b7325db004ad90b60b390923cc7ff782e7671e6d978beaf81a6c53e600bfdd2b9f7af3e1066a9902cc86916d210be30e48ef74e129bd5a5fe5002b8a84d7165dc89ba723e2f5ad0f45e1aeb0845cddae2a882dc6b09347c0483c639128958a62c879a4a700b9418d15878e053801221ed5611478f2dc2cc8674b0c6d7d40ff17dc8432dc01a66e63df211928c5e288af4563dad1276a1af3986f0fb582569d81fd076670cefe8161c2347c3af87c86e9f0d35af2a8ff8f03e9bfccf98bdd09c355623c9e915f83fd57c2f17eeeae2d5884233fa45d454a96870aab6d922b8411eea4a1bc298132c7f0029eda4471e169688898681332321c755587445b7ef5b854e763c03f40e4fb3f0f2bd1cae13d776d135aa1fa39e7d2c54683b28ba635e1f1c2258ae9e857f195c44bf96dfa57035c03545120dda3290c8cedaf3655a79daad4728f3abe11e85fa35fd282f905c6b4d2e1020ed007d7d61bb5754a35b89536c0a332450080ba65c989ec17491b1267a01c3cd210eb6355ff143d682da3d28fa017a8ee413d6e8e5dfccba46bb4782c419f32f814
----Host resolved---------------Alias chain----------------Addresses---
install.mediaget.com statserver.mediaget.com 37.19.5.146 - 193.0.201.102
RAT yada Trojan değildir fakat MediaGet Adware Zararlısıdır...
-----ADWARE-----
İndirmeyiniz!
birkaç antivirüs teklikeli görüyor...
Mediaget daha çok Adware kategorisine giren bir tehlikeli...
şimdi analiz yapıyorum...
connection
(protocol: HTTPS/1.1) C:\ejeaaf\fbrhv.exe (v. 1.0.0.0) 193.0.201.102 : 443
send https://install.mediaget.com/ind... Mozilla/4.0 (compatible; MSIE 6....
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
282 bytes
\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\823DF37C8C583AB09B96F976F1B549F012849D68
process C:\ejeaaf\fbrhv.exe (v. 1.0.0.0)
valueType REG_BINARY
value Blob
valueDataSize 1559
data
0f0000000100000020000000ad11d73c908d33ccbf0b8a73043233f462ba8abda04ad5a1701bedf04d9b71f4030000000100000014000000823df37c8c583ab09b96f976f1b549f012849d682000000001000000bf050000308205bb308203a3a003020102020101300d06092a864886f70d01010b0500306b310b30090603550406130255533110300e06035504070c075265646d6f6e64311e301c060355040a0c154d6963726f736f667420436f72706f726174696f6e312a302806035504030c214d6963726f736f66742043657274696669636174696f6e20417574686f726974793022180f32303136313231333135353134315a180f32303236313231313135353134315a306b310b30090603550406130255533110300e06035504070c075265646d6f6e64311e301c060355040a0c154d6963726f736f667420436f72706f726174696f6e312a302806035504030c214d6963726f736f66742043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a0282020100aa77be9a7a77349bcdd01346a2594c67348ba7b7cfd20177a19ef8db1ef09600b7e851f2db7c5a90b933480d1b60e51e2ddd7ab35fc873c723f1de955b360a3b1b21e170ae3ac615bd50fcc863a043e8d87eef6c6801bcd51fc01940d8aba02ef2f629598c18463aa2c23c5ffa7b46c95ef29e3c0405637d15000b1acfde6d7f641d16c4c178d4f96ce4d536f47a35e60976ded21eb248f804bb1045bde62d2bcd45aa1f70d27a5ed7ff36d0d08791a33b46f333ab527e2787fa6a463b19c2c36ec28cc63a845a5688fda515761369bdde0b6ade9e95359b2e2b3eed75f357ecb9d554cc59aa913412ea303ad8d3e16f1d7a944adbbcc92df432f2dc4d68bb06e79f7fb3ddb20906875c5d4662caa86dfccbe94f698b4cec0eb799ab637e33fe2e1ce32c7facb51ed521f80c748fa6297194003e0ebe8a63ccc4433c1d29fdd36e439ca7ffb4189c9b74ac1dc9dee0435abdbb6d90685d37a56f3dc57e70758b080d188371f9e44699f3bde3d2de4230b92931130f6d2b132ff8a504ebf67be8544b5e17654df924cf28983d9dfc80f8c4755032350d0d8f94f13947056f22174814d20e849233da02b885d1f56e78c5c8bdc9c6584b8db9a2b7ba1cab88209776b72b1e105f0504782e1446ccec3a7cb7329c045e951e2a9bd65e8fa340fa69a8b44ff0f876c7b9c37d000ab53784cad00fa51fee4e730a40bcfbf8195bdaa10203010001a366306430120603551d130101ff040830060101ff020100300e0603551d0f0101ff040403020106301d0603551d0e04160414833d01f4092ca984cb8ac7c013c84c6ae5f46acb301f0603551d23041830168014833d01f4092ca984cb8ac7c013c84c6ae5f46acb300d06092a864886f70d01010b050003820201001ca8b47394bf560b85e6eea2104a4132e10d3dac8c3d2415400e481751be68d89b23a7e6d7f2413009b8cb0e4477919a7cf97466ce38ed4938a8b6851e703b9531bbb88c7f79013b7d26818f99554d4f960bf9f25b26dd61de4f36eeeb25a2a3e9b2416e34f4356c01e8b7325db004ad90b60b390923cc7ff782e7671e6d978beaf81a6c53e600bfdd2b9f7af3e1066a9902cc86916d210be30e48ef74e129bd5a5fe5002b8a84d7165dc89ba723e2f5ad0f45e1aeb0845cddae2a882dc6b09347c0483c639128958a62c879a4a700b9418d15878e053801221ed5611478f2dc2cc8674b0c6d7d40ff17dc8432dc01a66e63df211928c5e288af4563dad1276a1af3986f0fb582569d81fd076670cefe8161c2347c3af87c86e9f0d35af2a8ff8f03e9bfccf98bdd09c355623c9e915f83fd57c2f17eeeae2d5884233fa45d454a96870aab6d922b8411eea4a1bc298132c7f0029eda4471e169688898681332321c755587445b7ef5b854e763c03f40e4fb3f0f2bd1cae13d776d135aa1fa39e7d2c54683b28ba635e1f1c2258ae9e857f195c44bf96dfa57035c03545120dda3290c8cedaf3655a79daad4728f3abe11e85fa35fd282f905c6b4d2e1020ed007d7d61bb5754a35b89536c0a332450080ba65c989ec17491b1267a01c3cd210eb6355ff143d682da3d28fa017a8ee413d6e8e5dfccba46bb4782c419f32f814
----Host resolved---------------Alias chain----------------Addresses---
install.mediaget.com statserver.mediaget.com 37.19.5.146 - 193.0.201.102
RAT yada Trojan değildir fakat MediaGet Adware Zararlısıdır...
-----ADWARE-----
İndirmeyiniz!
Acilsin Bir Bakalim