Submission Summary:

What's been foundSeverity Level
Registers a 32-bit in-process server DLL.
Registers a Browser Helper Object (Microsoft's Internet Explorer plugin module).

 

Technical Details:

 

File System Modifications

#Filename(s)File SizeFile Hash
1 %CommonAppData%\TheBflix\background.html 4,835 bytes MD5: 0x6FD4036380E23CC9F39A5A6238A1B5C3
SHA-1: 0x6C083546647FAF76A50321B798712F6ACCF7172C
2 %CommonAppData%\TheBflix\bhoclass.dll 141,824 bytes MD5: 0x8ED6BC95711DE1A9DD814B8F0393B4FF
SHA-1: 0x9EA0359886B32C6F6A16350D48E71F1FDA45CB20
3 %CommonAppData%\TheBflix\content.js 386 bytes MD5: 0xD586FC8E96D1F063DE1C8E7CE3AE31E7
SHA-1: 0x2FE7970A27489A5A001F334258272B9EFC7A09D2
4 %CommonAppData%\TheBflix\ppjemjejnnojomfekgbpbbnecicblllf.crx 38,103 bytes MD5: 0x8586E4A158BF96A5D19DD798CFC9FF8C
SHA-1: 0xE715C6010E72C77D6DD1C7FE052FBB67153A5631
5 %CommonAppData%\TheBflix\settings.ini 557 bytes MD5: 0xDE89342A80FF9F96179D16DAE6EB257D
SHA-1: 0x1DB5FE5CADC3E4548422FC96F798813603A41CD4
6 %CommonAppData%\TheBflix\uninstall.exe 47,376 bytes MD5: 0xF5FC21E4B64951A435845F6F605941CE
SHA-1: 0x6BEEB36CF13C7BC1805A12201E1FFF94CCDAC417
7 %CommonPrograms%\TheBflix\TheBflix.lnk 278 bytes MD5: 0xC148888BEABD7A67623303804984FF3C
SHA-1: 0xE21874917A6830448C7DCC19E0080EE9D9FEF29F
8 %CommonPrograms%\TheBflix\Uninstall.lnk 769 bytes MD5: 0x6CE473E79EC27F28FF761C6E55F2171F
SHA-1: 0x8D8B4FEB1DAC72DD3128E37D5E9555D620E73588
9 c:\settings.ini 510 bytes MD5: 0xF35AAA221EB79BB2F220BCBB354A95A0
SHA-1: 0x0CDD17F72836DD642219A00393F3B9B67D945524
10 [file and pathname of the sample #1] 316,981 bytes MD5: 0x0BE17742CABAED3A2845364C27270AA3
SHA-1: 0xBFF3FDDB0EEDB56F4347B6C0A2E6C7F8DA87C236

 

Registry Modifications

 

Other details

Israel

 

 

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.

The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.

Copyright © 2014 ThreatExpert. All rights reserved.