SonicALERT

Sonicwall Signatures

 



LiveKeys.A_10
LiveKeys.A_10 is adware. Adware, or advertising-supported software, is any software that automatically renders advertisements in order to generate revenue for its author. The advertisements may be in the user interface of the software or on a screen presented to the user during the installation process. It is usually annoying but harmless, unless it is combined with spyware or trackware.

Mutexes created
  • DBWinMutex


Directory level activity
  • Nothing to report

File level activity
  • Nothing to report

Registry level activity
  • Nothing to report

Library level activity
  • load - library - kernel32.dll
  • load - library - KERNEL32
  • load - library - user32.dll
  • load - library - C:\DOCUME~1\TestMachine\LOCALS~1\Temp\ad8fe848f6a5cd1b685d2b9c0d516ba8ENU.dll
  • load - library - C:\DOCUME~1\TestMachine\LOCALS~1\Temp\ad8fe848f6a5cd1b685d2b9c0d516ba8LOC.dll
  • load - library - COMCTL32.DLL
  • load - library - UxTheme.dll
  • load - library - C:\DOCUME~1\TestMachine\LOCALS~1\Temp\ad8fe848f6a5cd1b685d2b9c0d516ba8.bin
  • load - library - USER32

Process API calls used
  • NtOpenSection
  • NtOpenSection

Registry API calls used
  • RegOpenKeyExA
  • RegQueryValueExA
  • RegCloseKey
  • RegCloseKey

System API calls used
  • LdrGetDllHandle
  • LdrGetProcedureAddress
  • SetWindowsHookExA
  • LdrLoadDll
  • LdrGetProcedureAddress

Filesystem API calls used
  • NtCreateFile

Network

UDP source >> destination
  • 192.168.30.10 >> 192.168.30.255
  • 192.168.30.10 >> 8.8.8.8

TCP source >> destination
  • 192.168.30.10 >> 72.21.91.29

Domains:
  • s.symcb.com with IP - 72.21.91.29
  • sw.symcb.com with IP - 72.21.91.29

DNS Request:
  • sw.symcb.com
  • s.symcb.com

HTTP Request:
  • GET URI - http://s.symcb.com/pca3-g5.crl
  • GET URI - http://sw.symcb.com/sw.crl
DLL related data
Number of DLLs imported = 13
  • KERNEL32.dll
  • USER32.dll
  • GDI32.dll
  • comdlg32.dll
  • WINSPOOL.DRV
  • ADVAPI32.dll
  • SHELL32.dll
  • COMCTL32.dll
  • SHLWAPI.dll
  • oledlg.dll
  • ole32.dll
  • OLEAUT32.dll
  • WINMM.dll

Relevant Information