Submission Summary:

What's been foundSeverity Level
Downloads/requests other files from Internet.
Creates a startup registry entry.
Registers a 32-bit in-process server DLL.
Registers a Browser Helper Object (Microsoft's Internet Explorer plugin module).

 

Technical Details:

 

File System Modifications

#Filename(s)File SizeFile Hash
1 %ProgramFiles%\sidematch\FreeApp.exe 48,080 bytes MD5: 0x5F1A003EE27AC7947C42F6DA100D00C6
SHA-1: 0xC4D16E2B05ED3AEF2781A5A3650A5D6BE9A81AB1
2 %ProgramFiles%\sidematch\SideBand.dll 413,136 bytes MD5: 0x0C00344A698C8BBB2BA08F99BA7C1515
SHA-1: 0xEA4279510874B4981F4CF846D8D896EAB7C91178
3 %ProgramFiles%\sidematch\sidematch Update Log.txt 2,067 bytes MD5: 0x6BD4FF88827E9CD24D60369910382582
SHA-1: 0x55444406E482D8003FC18B9199962F627120A3B8
4 %ProgramFiles%\sidematch\sidematch.dat 22,121 bytes MD5: 0xDEF2D4DD75BF2A0A67D4F5B596659802
SHA-1: 0x0696E912CF99EE26802E0CE7248AEC5260AB6C11
5 %ProgramFiles%\sidematch\sidematch.exe 467,456 bytes MD5: 0xC3F58232FB7870D4E0BF310EFA967FC1
SHA-1: 0x8AE0B4FB13F1F59809D4ADC19BDFBAEA45DD90AA
6 %ProgramFiles%\sidematch\SideMatch_v8.dll 381,904 bytes MD5: 0xDFF4862693E2CCEA894EDCF605C34D14
SHA-1: 0xB39248CAB148F88D7990095A57555E0E05AD2B26
7 %ProgramFiles%\sidematch\unins000.dat 10,101 bytes MD5: 0x03DBBA343B7E1A7377DB937E51EADB95
SHA-1: 0x477A1E4E933B868872A6ABD43EF56EA1EB1EE1B7
8 %ProgramFiles%\sidematch\unins000.exe 681,844 bytes MD5: 0xDBB1912375670510B999960C4F84BE05
SHA-1: 0x09601A52D61AE229B6E0BAE8CBDF07274A8A1F03
9 %System%\del_nsis_bat.cmd 167 bytes MD5: 0x5F36F6C84646B5AD645588841CE170AD
SHA-1: 0x6CAB61FB665E72BD22D2281FAF7A4C48E129B08B
10 [file and pathname of the sample #1] 1,587,477 bytes MD5: 0x65BE4EBFAD2CC4889AABDEFCCF46B9DB
SHA-1: 0x48BB797CCF524D9A3F74918344037F19674FBDB1

 

Registry Modifications

 

Other details

Remote HostPort Number
119.70.227.13880
221.141.2.4480

 

 

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.

The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.

Copyright © 2014 ThreatExpert. All rights reserved.