Submission Summary:

What's been found    Severity Level
Produces outbound traffic.
Downloads/requests other files from Internet.
Registers a 32-bit in-process server DLL.
Registers a Browser Helper Object (Microsoft's Internet Explorer plugin module).

 

Technical Details:

 

File System Modifications

# Filename(s) File Size File Hash
1 %AppData%\PriceGong\Data\1.xml 19,448 bytes MD5: 0xE48E3180144AACC78ABC34D0ED65C5A6
SHA-1: 0x81EADEEFBED443651ED87ACE4506E29A73AFD8C6
2 %AppData%\PriceGong\Data\a.xml 85,816 bytes MD5: 0x735D5569E4842FEDFC53BD3FC7628702
SHA-1: 0xE8CABCB9976EC47C712C5DDA71D201CCB6BEA29A
3 %AppData%\PriceGong\Data\b.xml 115,856 bytes MD5: 0x3E85CFD1E7D66369EE3A4EF9C2A5F10E
SHA-1: 0xD5C4692FB8652629429BEE4B33E8899045C0CA0A
4 %AppData%\PriceGong\Data\c.xml 128,448 bytes MD5: 0x91204820A05510C716A8BE9CC2D06356
SHA-1: 0xA45FBC6C619085ADF13D1EEC7FFD2420C499A673
5 %AppData%\PriceGong\Data\d.xml 81,848 bytes MD5: 0xE5CB00195F57F360166E0CA3C5BC523A
SHA-1: 0xE49C99BA01DA26A9930980F8C29F15A65486FAD1
6 %AppData%\PriceGong\Data\e.xml 89,256 bytes MD5: 0x9CE25169E884E3EC39A77BBD88E4E1C5
SHA-1: 0x41D72CAB2D205AF06C228277DF9AF583B91F7129
7 %AppData%\PriceGong\Data\f.xml 51,304 bytes MD5: 0xEF7BFE12C1720DFB3F16BA24CAAC027E
SHA-1: 0xA1488B8F77823666E12266E203FE439DD9CA3D49
8 %AppData%\PriceGong\Data\g.xml 59,960 bytes MD5: 0xD252457018AB188CE6E3FDF59EACEC84
SHA-1: 0x68812659C6C9B3A3DCB8328882D30A1A16D147D6
9 %AppData%\PriceGong\Data\h.xml 45,264 bytes MD5: 0xB0F589F4ED729F226AB81419C0743954
SHA-1: 0xAB50D96C79006A9550B9E13B4AF670AFDA542FDC
10 %AppData%\PriceGong\Data\i.xml 39,928 bytes MD5: 0x1E7F1FA0C273BDE298EC202A1B5C1137
SHA-1: 0xF1AD44FE1CB94BBA9A8F7BA0C6437B3FC1EDD899
11 %AppData%\PriceGong\Data\J.xml 25,112 bytes MD5: 0x2F752D569BE7F11F3CCB8B7F1A14512A
SHA-1: 0xDDA030095593EBCD10B850C5A3DD1A59FD3916B9
12 %AppData%\PriceGong\Data\k.xml 21,896 bytes MD5: 0xEB7F1DD597F56299EE215E45446E6CC9
SHA-1: 0x806CA4D399A2ADC16E2A277A0136F200E28A0BB6
13 %AppData%\PriceGong\Data\l.xml 65,760 bytes MD5: 0xA0B608AF0FF5EC488D21C0338D3F449C
SHA-1: 0xDCBA4A0C6A45DFEA4D04B80F6518AA8BD6A606C3
14 %AppData%\PriceGong\Data\m.xml 86,136 bytes MD5: 0xEE67A2AD0054875082E8BEAEDEB0480A
SHA-1: 0x7902B6344C89C396AE378780012C793285BC2E58
15 %AppData%\PriceGong\Data\n.xml 27,608 bytes MD5: 0x08D5F174454F515C4B00B17A411C5570
SHA-1: 0xEB65FAFEAA5C421572E27DDC9223D6E8223E1A83
16 %AppData%\PriceGong\Data\o.xml 33,904 bytes MD5: 0xD74DE7172C0718A7CC3F6162BDB49137
SHA-1: 0x52384C16DFD46973B4A9714FBA94C22A1AB4FE17
17 %AppData%\PriceGong\Data\p.xml 77,264 bytes MD5: 0x9915CD989359C561BFF2D24A2BFA07F5
SHA-1: 0x24AA92C36D247858D45C8C535478B8A7A7B71F51
18 %AppData%\PriceGong\Data\q.xml 3,512 bytes MD5: 0x9D3B540DB955B5AA956AF2A0022F55BF
SHA-1: 0x4C2FFAEEDE364DFCECAA5FDB523A6D1CF8A83EAC
19 %AppData%\PriceGong\Data\r.xml 30,824 bytes MD5: 0xCB5EB647EF3E2FF91E5C09FD30528632
SHA-1: 0xCE905F3961DA333D7A0EFFDE9CC5FA20FB25C30B
20 %AppData%\PriceGong\Data\s.xml 128,336 bytes MD5: 0x405232D8873595F73909AEC8C92523F4
SHA-1: 0xF4306E3FDDE051B7A4873CA5BFC29A0956F94D42
21 %AppData%\PriceGong\Data\t.xml 63,440 bytes MD5: 0xC7F3350DD84FBABEE9A53005D5F1DB4E
SHA-1: 0x713A2083B5672B010B9850B3B261534A0AEDD604
22 %AppData%\PriceGong\Data\u.xml 14,432 bytes MD5: 0xF9E1191B708E848E2040E3C4558F69DB
SHA-1: 0x95109667E83A547F56FB6E64911548B49F89AD77
23 %AppData%\PriceGong\Data\v.xml 18,480 bytes MD5: 0x2570126C1DB10332F4004D2F17BC6FA0
SHA-1: 0x6B0463D9A01BB8A6DD42441BDABAE7BD684B51C3
24 %AppData%\PriceGong\Data\w.xml 27,696 bytes MD5: 0x238A356FBB65A3A4F8C7D2D1FD839A57
SHA-1: 0xBA44873E5AD3B90EC3CBEF3A3E72D6CCF084983C
25 %AppData%\PriceGong\Data\x.xml 2,176 bytes MD5: 0x323A541EC9E12F1FC87C482D4BB31867
SHA-1: 0x0A567C900DA5F2DD468E0BF3615ACDAAFF5CC524
26 %AppData%\PriceGong\Data\y.xml 6,448 bytes MD5: 0x118056EC0F1BB3DFA5B5E162C90644AE
SHA-1: 0x8C396699194303CF28017FB6ECD29288AC9490E1
27 %AppData%\PriceGong\Data\z.xml 7,712 bytes MD5: 0x56EC30412EFE1C396789ACA5BEC63B7F
SHA-1: 0x53243A6A085818857F5E2B0370156DC37126E7C3
28 %AppData%\Conduit\Community Alerts\LanguagePacks\en.xml 4,754 bytes MD5: 0x256C51151A843627B7CA4ECD2BB09FBB
SHA-1: 0x1DD135B8F7E33A9DC2E624CC89D7A50B6AD36647
29 %AppData%\Conduit\CT2856415\Elf_1AutoUpdateHelper.exe
%ProgramFiles%\ConduitEngine\ConduitEngineHelper.exe
%ProgramFiles%\Elf_1\Elf_1ToolbarHelper.exe
38,496 bytes MD5: 0xA320DF2B47CFCAF98D06EB59CD72084C
SHA-1: 0xED0A3155E7256B1EE3DAEA9B5251A4A3141592DC
30 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_About_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png
821 bytes MD5: 0x99D5F75C338F2A877CBF891E0F18746E
SHA-1: 0xD8C9E840C1F5C24B24CF9184F57DA0EAF507383A
31 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_Browse_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png
729 bytes MD5: 0xF2291FAB46ED9291A1A2FFE9F88E9D84
SHA-1: 0x2C7CDE46E3821024F6FDF336C5A5E5B9F7BBD494
32 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_Contact_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png
531 bytes MD5: 0xA847C5F6CE2C700048749892DD2E0619
SHA-1: 0xFE31F8A744662A52F930B9C9775584EF31B0EC8E
33 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_Hide_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png
669 bytes MD5: 0xFED9E00C76F647EE6A0B7CC684C89F0C
SHA-1: 0x3180AB21F3B9DA50C9F436E3E4F4105D00DE2289
34 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png
734 bytes MD5: 0x943ADFD9E0DF1507F7BC419802BF4303
SHA-1: 0x7CA4DFAE78E394166767C916B6BDE19659809CAB
35 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_More_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png
562 bytes MD5: 0x36C6FB9C84D4AF5C5D7C5B277A0E4A01
SHA-1: 0xD683ED1303DC287F61C0FA2FACABC8572D68FC57
36 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_MoveLeft_png.png 610 bytes MD5: 0x68E9E9252E45ED7BD51B8680E8DD4462
SHA-1: 0x6ADBC289C1A16D68ECB42F3077D65BBE71C3016A
37 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_MoveRight_png.png 606 bytes MD5: 0x8D8D187BA99DBEF76E4286668B474A4E
SHA-1: 0x76E1542C2734F5CE92675B5DE067350D9A8636AD
38 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_Options_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png
493 bytes MD5: 0x275C9DA2D536F18F528C80E050C3D705
SHA-1: 0xA07031202B3495758619A7F86D2B7E48FEB0B077
39 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_Privacy_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png
706 bytes MD5: 0x3AD88BD8E832DA39FAAEDF07AD595F94
SHA-1: 0x6C9437BE57831928C7DA6746F1F8B54C9B5F4E21
40 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_Refresh_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png
674 bytes MD5: 0x650731EEF807C292E699779B12CBE552
SHA-1: 0xB6FD7E166FA1FE448301FBC2B11AE5325B11CF4C
41 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_Share_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Share_png.png
696 bytes MD5: 0x70D43EC3F4BD7C10D5534EFCEC6D7AE5
SHA-1: 0x7066A3BA72EC8A1B0A5162569ACF13B5D5A928C2
42 %AppData%\ConduitEngine\CacheIcons\http___Storage_Conduit_com_BankImages_ConduitEngine_ContextMenu_Upgrade_png.png
%AppData%\Elf_1\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png
607 bytes MD5: 0x9B4D914888BCFFCBAE6757A0E450551C
SHA-1: 0xC3C138518228F61CC4BC2F9D29AE569933BD5BCD
43 %AppData%\ConduitEngine\CacheIcons\http___www_conduit_com_images_skins_CT2400578_luly-backgroung_gif.gif
%AppData%\Elf_1\CacheIcons\http___www_conduit_com_images_skins_CT2400578_luly-backgroung_gif.gif
336 bytes MD5: 0x8F7B9F0C8797AC509E5D5B6D8AD5B46A
SHA-1: 0x0B2605EF347B393F8E1BA092B61112444454FC83
44 %AppData%\ConduitEngine\ConduitEngine.dll
%AppData%\Elf_1\tbElf_.dll
%Temp%\GLF7.tmp.tbElf_.dll
%Temp%\GLFF.tmp.ConduitEngine.dll
%ProgramFiles%\ConduitEngine\ConduitEngine.dll
%ProgramFiles%\Elf_1\tbElf_.dll
4,162,344 bytes MD5: 0xD6A51F524DC545A55F107B5A5A502CC1
SHA-1: 0xBFD72C046A3341D9273AF47B05EEB50A66725FF7
45 %AppData%\ConduitEngine\Dialogs\AddedAppDialog\app-added.js
%AppData%\Elf_1\Dialogs\AddedAppDialog\app-added.js
6,555 bytes MD5: 0x270066D6174A346AC8B5C44F7E3B0103
SHA-1: 0x8A29C633C03EF861D0EBBFFC1DE113DFC790FC56
46 %AppData%\ConduitEngine\Dialogs\AddedAppDialog\main.html
%AppData%\Elf_1\Dialogs\AddedAppDialog\main.html
1,941 bytes MD5: 0xD5B203DF653C692204139992A1407C3D
SHA-1: 0x25B7F9CF5B8D133BFD88107FEF1F535408C703F5
47 %AppData%\ConduitEngine\Dialogs\DefualtImages\icon.png
%AppData%\Elf_1\Dialogs\DefualtImages\icon.png
3,827 bytes MD5: 0x20F345ACB306D80871F1293EC1A46A5B
SHA-1: 0xDC45DAFFE44FFCC622C7F37E9AE32518D386E456
48 %AppData%\ConduitEngine\Dialogs\DetectedAppDialog\app-2go.js
%AppData%\Elf_1\Dialogs\DetectedAppDialog\app-2go.js
7,643 bytes MD5: 0x61CD803BCC4AA21D28FA61A2082B9AB1
SHA-1: 0x0707A700725F2748A73688DFD67E0AE55C2F45E5
49 %AppData%\ConduitEngine\Dialogs\DetectedAppDialog\main.html
%AppData%\Elf_1\Dialogs\DetectedAppDialog\main.html
2,393 bytes MD5: 0x2E9EFDCB59B7D11C9FDBCDDB56ABAAF4
SHA-1: 0xFE603D518405413BD76ED953B92ED235A4686669
50 %AppData%\ConduitEngine\Dialogs\DialogsAPI.js
%AppData%\Elf_1\Dialogs\DialogsAPI.js
8,825 bytes MD5: 0x383C1E44E836497F9959C7CDE40D18C3
SHA-1: 0x4BD63AD4BE49EFFEDF34BEE543A5E32FEAAABED7
51 %AppData%\ConduitEngine\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js
%AppData%\Elf_1\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js
9,170 bytes MD5: 0x85B840DC56B5C86082AD3A62BCABDD3B
SHA-1: 0x96B78F4EB9D209D93CE1E76B955DB1506FDBEA60
52 %AppData%\ConduitEngine\Dialogs\EngineFirstTimeDialog\main.html
%AppData%\Elf_1\Dialogs\EngineFirstTimeDialog\main.html
2,725 bytes MD5: 0x9E2083328286081888D76227CA528596
SHA-1: 0x7C94DBEBED282909D5CC9675CA62EC34688CD5A4
53 %AppData%\ConduitEngine\Dialogs\EngineFirstTimeDialog\right-click.gif
%AppData%\Elf_1\Dialogs\EngineFirstTimeDialog\right-click.gif
4,002 bytes MD5: 0x0E41C44D287E9676050C180CFEF41CD6
SHA-1: 0xA8F00BDE2C47286A2C570946C106A77FCB54E48E
54 %AppData%\ConduitEngine\Dialogs\excanvas.js
%AppData%\Elf_1\Dialogs\excanvas.js
27,045 bytes MD5: 0xC0CAD58F958C967912D024BBD714323E
SHA-1: 0xF0E4D90B4B7B5CE7A48C24F1252A06A35A3BCC84
55 %AppData%\ConduitEngine\Dialogs\generalDialogStyle.css
%AppData%\Elf_1\Dialogs\generalDialogStyle.css
10,331 bytes MD5: 0x3B0B0EC566CF13FD7CB5DB7BD5A594AD
SHA-1: 0x62D91427EE186F9BDC2D58B9DE6E8E1BBB23CBCE
56 %AppData%\ConduitEngine\Dialogs\PIE.htc
%AppData%\Elf_1\Dialogs\PIE.htc
28,280 bytes MD5: 0xE781697FFED7CF6F50919824269F69FE
SHA-1: 0x43FC18E56A5FD7D9F0FD08413422003C71937CA1
57 %AppData%\ConduitEngine\Dialogs\SearchProtectorDialog\main.html
%AppData%\Elf_1\Dialogs\SearchProtectorDialog\main.html
2,658 bytes MD5: 0x4CD6700EAF54519018482E2E9B1C4EEA
SHA-1: 0x9D2D40B53C3CC14959FD401E5393D1441AA0621A
58 %AppData%\ConduitEngine\Dialogs\SearchProtectorDialog\SearchProtector.css
%AppData%\Elf_1\Dialogs\SearchProtectorDialog\SearchProtector.css
6,675 bytes MD5: 0xF06736BC4ED7B0948AD15F90BE536BB2
SHA-1: 0x73E8FEA871D911481DBC8E960D281573A644D39A
59 %AppData%\ConduitEngine\Dialogs\SearchProtectorDialog\SearchProtector.js
%AppData%\Elf_1\Dialogs\SearchProtectorDialog\SearchProtector.js
8,909 bytes MD5: 0xCC93F80B7D98BED17116A895E72280C0
SHA-1: 0x5646D621AF2D8E2D54C3002D5F9A9D0870488549
60 %AppData%\ConduitEngine\Dialogs\settings.js
%AppData%\Elf_1\Dialogs\settings.js
152 bytes MD5: 0x628BB2AF95ABE092B37EB0603E8AF25A
SHA-1: 0xC437E9722635E6E7E3DA725EAAD1504C69818164
61 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png
942 bytes MD5: 0x849F1EAFD2164C46FD73A143AD206B66
SHA-1: 0x06A80027C99525BE5155AFCEDB7016FBE5FA2677
62 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\arrow.png
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\arrow.png
1,181 bytes MD5: 0x75441E6BEAF79D1646529403E7EF991E
SHA-1: 0xA4222EAED3553F42D5BA9BCBDD2997E87C88768B
63 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\divider.png
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\divider.png
171 bytes MD5: 0xE0CBD8E658F678497C7E9EC0FCAA367D
SHA-1: 0x4157DBDD5563D20C1CFFFADEB6267661D9ED9591
64 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif
546 bytes MD5: 0xF863F573944EBD1EE7115874A572EF3A
SHA-1: 0xB23F6042DD6804159E3FACB2C098EBAF74DAD105
65 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\facebook.png
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\facebook.png
874 bytes MD5: 0x84A51F18C44DE5690ACF53153383F01D
SHA-1: 0x7B95E5355F1FBB35BAE406788AC397438EAD5728
66 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF
1,163 bytes MD5: 0xFB3B7EE5EAEDF1979D123BB78A880FE9
SHA-1: 0x836B94559DC635400063F606F82464A4EAFFDF76
67 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db
14,336 bytes MD5: 0x19A24F8A3553B444F0E62712B96F4756
SHA-1: 0x0E9C618106469967CBED7446403544DB920AF721
68 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF
2,337 bytes MD5: 0x4FBDE15B2B96D0C5F00D1AC16FED78F4
SHA-1: 0xF20BBF0BE07DC27BBD431E60A227EA371C47AA23
69 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF
1,158 bytes MD5: 0xC014B05B57F644AF608106016C9BDA0B
SHA-1: 0xEAB035E7507CCE1415AEA4025E564F9BDAAC331F
70 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\main.html
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\main.html
6,696 bytes MD5: 0xA414EAF5DE5CA55EB76D986C7896750B
SHA-1: 0x033B79F43417442B96E37E52246C1359F4A7444A
71 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css
7,217 bytes MD5: 0x264F3212CA35750A846B9D4B774CA874
SHA-1: 0xADE17A4D623A9133271409B39DFC42DC7171F985
72 %AppData%\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js
%AppData%\Elf_1\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js
29,886 bytes MD5: 0x90418FEB8F4EAE883B56203FD7700EFD
SHA-1: 0x3A533692B4B3A022FF78D32B503AB78630707961
73 %AppData%\ConduitEngine\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html
%AppData%\Elf_1\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html
1,925 bytes MD5: 0x3466F9FA13475F3EE0C3C5DABB976E4B
SHA-1: 0xF0F4B2E9E602C0306B2D36787E6FBE3E1BBD6235
74 %AppData%\ConduitEngine\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js
%AppData%\Elf_1\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js
8,313 bytes MD5: 0xCB662EA03D2145965FADF86E6B9EE64D
SHA-1: 0xEB7A7041E2D8C111633D7BE8DD96D0BC38652022
75 %AppData%\ConduitEngine\Dialogs\UntrustedAddedAppDialog\main.html
%AppData%\Elf_1\Dialogs\UntrustedAddedAppDialog\main.html
2,633 bytes MD5: 0x7AC661F3618C8C39A435CEC17EF4142F
SHA-1: 0xC3110B68230F0CC68A7FBE1F8CC9A78B4D1A4779
76 %AppData%\ConduitEngine\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js
%AppData%\Elf_1\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js
9,724 bytes MD5: 0x1AC607983EEE2E86693FDA9BFEC16B2D
SHA-1: 0x321784355C887860F386C93F741A77E567DBBE98
77 %AppData%\ConduitEngine\Dialogs\UntrustedAppApprovalDialog\main.html
%AppData%\Elf_1\Dialogs\UntrustedAppApprovalDialog\main.html
2,647 bytes MD5: 0x627C60F1BF6F532251760AA288FCFB40
SHA-1: 0x611655CFFEF0A6BDC1313F39984887D978222561
78 %AppData%\ConduitEngine\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js
%AppData%\Elf_1\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js
9,750 bytes MD5: 0xC1334BEFF9CA3C9E2AD11A26264052B4
SHA-1: 0x9C6945C5A5631F21CE347CF4503B63B8EF21E694
79 %AppData%\ConduitEngine\Dialogs\UntrustedAppPendingDialog\main.html
%AppData%\Elf_1\Dialogs\UntrustedAppPendingDialog\main.html
2,644 bytes MD5: 0x66FFDDCCFF58E4FD0C1E991DE61E710D
SHA-1: 0x23B76D0193ECA82FD94CD9D154FD821FD04E2702
80 %AppData%\ConduitEngine\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js
%AppData%\Elf_1\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js
9,728 bytes MD5: 0x69A01890DE7BA47B623AD6F2E2DF8FA5
SHA-1: 0x31E212395A585B745E060AB03BA7553FA6C0DC3A
81 %AppData%\ConduitEngine\Dialogs\version.txt
%AppData%\Elf_1\Dialogs\version.txt
8 bytes MD5: 0xC0B3496A5B62AB05DC2FA70BDC5373F0
SHA-1: 0xCDF66D685855C60F2C942B59FCF66A92C7D4A95E
82 %AppData%\ConduitEngine\EngineSettings.json 3,652 bytes MD5: 0xC32C5DB56771290A2C6CC95B605BC34E
SHA-1: 0x29CECA7470601F006BDD53BF05AC69F7C57FC2EF
83 %AppData%\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu&locale=en-us.xml 6,613 bytes MD5: 0xFE3E6F69A41E7532957D7814E3E433E1
SHA-1: 0x857477EBAEBEA261EA8024ADCE7B4BF82862AC93
84 %AppData%\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu2_0&locale=en-us.xml 6,610 bytes MD5: 0xD6D8384FA55A2E26BC8BD2DD3DD0B0FC
SHA-1: 0x8660B660EB372830C9E557CE4292651ED95499C7
85 %AppData%\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu&locale=en-us.xml 4,060 bytes MD5: 0xD36423CECBFE5F806725E13ED7101201
SHA-1: 0xC83A371C7925BE728FAC8B966CF5874F9E5BC6A5
86 %AppData%\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu2_0&locale=en-us.xml 4,473 bytes MD5: 0xB817A53627CC0CF0C2D735D983B3C852
SHA-1: 0x85BD7C1E96D7F286D00EEB56E366F95543804B23
87 %AppData%\ConduitEngine\Repository\conduit_ConduitEngine\dynamicDialogs\data.txt
%AppData%\Elf_1\Repository\conduit_CT2856415_CT2856415\DynamicDialogs\data.txt
%Temp%\2861858155137812.tmp
%Temp%\3397051458132671.tmp
83,311 bytes MD5: 0x8616DF0443865C18D04ED4EB47194373
SHA-1: 0xF9F78FE33CF677C395ECC8ECB1A275B7EE7C01CF
88 %AppData%\ConduitEngine\toolbar.cfg
%ProgramFiles%\ConduitEngine\toolbar.cfg
25 bytes MD5: 0x7BBB07039B2B2CC073E44F50FAFDAF11
SHA-1: 0x72EFF70D121CD84307401973BD33114AF0246C67
89 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_633887384515212500_png.png 431 bytes MD5: 0xC07B41CE42E51B3BEA6018B07CB7E3A5
SHA-1: 0xFAD72B30D7B9C182DFA887C048EBD4AD1EEA3C25
90 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_633887385401150000_png.png 234 bytes MD5: 0xFC109501BBC006458D9EC3C786EC0D63
SHA-1: 0x0E8681A0B2715179A5E8D80333BEED127BCC99F5
91 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634227803459875000_gif.gif 159 bytes MD5: 0x9AD13CA13A640BB645AEFA515EA3FD19
SHA-1: 0x69E7C60EB015BE9DC8DA620596703DB54F68A5A6
92 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634251546639106250_gif.gif 462 bytes MD5: 0xACBE6609E815630977767A9F858B80C6
SHA-1: 0xCDA815B4271EE9B686695CDB2B21C91B3DCA3C92
93 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634251547217543750_gif.gif 412 bytes MD5: 0xE9F0CCBC43F6612BA259E59EA43183D0
SHA-1: 0x16A9F88CD3D835600E6687E508347D6C20E08BDA
94 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634251548267075000_gif.gif 696 bytes MD5: 0xC0C6DF053D83A35E33AE70965F0FE917
SHA-1: 0xC17C2B0B6D00A55B7987C98C37ACDED42CC47228
95 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634251549102856250_gif.gif 472 bytes MD5: 0x8B61C11CADDB14B8C88842C0BC0F6287
SHA-1: 0xD0BDC0CA8726F157C071E9D4646262A3F56B05CC
96 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634251549557387500_gif.gif 289 bytes MD5: 0x4CEAAE67B8871D5CCC0DCBE6D2901345
SHA-1: 0xE0D197095BCDC897CF843C83A36780D1CA3D0C19
97 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634251550735200000_gif.gif 1,075 bytes MD5: 0x62F9C5DF7F25782EF45F934D39545730
SHA-1: 0x51A97218AB00C065229FBD23D4054B37B00D0385
98 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634253679768400000_gif.gif
%AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634253681927618750_gif.gif
440 bytes MD5: 0x68AEF48DF3C3B4CEEE1281CE50E21D87
SHA-1: 0x6920DABA7A5B5F90242064E1CF7B0833BC4CC05D
99 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634253680925587500_gif.gif 458 bytes MD5: 0x55932819DB4A8970A9C61C22C281F6B7
SHA-1: 0x38CD85C323238C9D881C01120B0592F0F6C8C86B
100 %AppData%\Elf_1\CacheIcons\http___storage_conduit_com_15_285_CT2856415_Images_634253684562775000_gif.gif 658 bytes MD5: 0xB6BF0A9C02D283294E314E81A50D84D7
SHA-1: 0x5BAFB43C72AA5F1457E90B7F08D7044F8ABEFAA4

 

Memory Modifications

Process Name    Process Filename    Main Module Size
GLB1.tmp    %Temp%\GLB1.tmp    28,672 bytes

 

Registry Modifications

 

Other details


 

Outbound traffic (potentially malicious)

 

 

Copyright © 2014 ThreatExpert. All rights reserved.