Submission Summary:

What's been found:
Produces outbound traffic.
Downloads/requests other files from Internet.
Registers a 32-bit in-process server DLL.
Registers a Browser Helper Object (Microsoft's Internet Explorer plugin module).

Technical Details:

File System Modifications

Memory Modifications

Process Name: [filename of the sample #1]
Process Filename: [file and pathname of the sample #1]
Main Module Size: 282,624 bytes

Module Name: tbTogg.dll
Module Filename: %ProgramFiles%\ToggleEN\tbTogg.dll
Process name: IEXPLORE.EXE
Process filename: %ProgramFiles%\internet explorer\iexplore.exe
Address space: 0x10000000 - 0x103B6000

Module Name: ConduitEngine.dll
Module Filename: %ProgramFiles%\ConduitEngine\ConduitEngine.dll
Process name: IEXPLORE.EXE
Process filename: %ProgramFiles%\internet explorer\iexplore.exe
Address space: 0xE90000 - 0x1246000

Module Name: Alert.dll
Module Filename: %ProgramFiles%\Conduit\Community Alerts\Alert.dll
Process name: IEXPLORE.EXE
Process filename: %ProgramFiles%\internet explorer\iexplore.exe
Address space: 0x25A0000 - 0x2625000

Module Name: tbTog0.dll
Module Filename: %ProgramFiles%\ToggleEN\tbTog0.dll
Process name: IEXPLORE.EXE
Process filename: %ProgramFiles%\internet explorer\iexplore.exe
Address space: 0x10000000 - 0x103C1000

Module Name: ConduitEngin0.dll
Module Filename: %ProgramFiles%\ConduitEngine\ConduitEngin0.dll
Process name: IEXPLORE.EXE
Process filename: %ProgramFiles%\internet explorer\iexplore.exe
Address space: 0xE90000 - 0x1251000

Module Name: Alert.dll
Module Filename: %ProgramFiles%\Conduit\Community Alerts\Alert.dll
Process name: IEXPLORE.EXE
Process filename: %ProgramFiles%\internet explorer\iexplore.exe
Address space: 0x2260000 - 0x22E5000

Registry Modifications

Other details

Outbound traffic (potentially malicious)

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.

Copyright © 2014 ThreatExpert. All rights reserved.