
PUA:Win32/BrowseFox


First posted on 29 June 2019.
Source: Microsoft

Aliases:

PUA:Win32/BrowseFox is also known as not-a-virus:AdWare.Win32.Yotoon.szt, BrowseFox-FWL, a variant of MSIL/BrowseFox.G potentially unwanted applicati, Browse Fox, PUA_BROWSEFOX, Trojan.BrowseFox!1.A4B8, Adware.BrowseFox.BU, PUA.Yontoo.C.

Explanation:

Installation

This application can be downloaded from websites that offer third-party software downloads. For example, we have seen it downloaded from:

utiles.megatech.la
toolslib.net

We have seen this application use the following file names:

GrabRezSetup.exe

It can be digitally signed by the following vendors:

Sale Tube IntelModel Scape Nano Care Fiercely Pass to Post

We have seen this application using product names such as:

StdLib Plinx Yontoo Desktop Primary Color

This application communicates with domains such as:

cdn.searchnewwindow.com
cdnh.searchwebknow.com
searchquickknow-a.akamaihd.net
cdn.results-hub.com
outrageousdeal-a.akamaihd.net

For example:

cdn.searchnewwindow.com/SearchNewWindow/gpd?
cdn.searchnewwindow.com/SearchNewWindow/ucz?
cdnh.searchwebknow.com/SearchWebKnow/dtz?

Payload

Exhibits suspicious behaviors

We have observed this application exhibit the following potentially unwanted behavior on PCs:

Injects into other processes on your system
Changes your browser's default homepage settings
Changes your browser's default new tab page settings
Changes your browser's default search provider settings
Installs extensions into your browsers - often this is used to inject ads, add toolbars, or change how your browser works
Changes the Google Chrome secure preferences - this behavior is commonly associated with tampering with the default homepage or search provider in Chrome

Installs other programs

We have seen this application install other software on your PC. Some of these applications might be bundled during the installation process and not intended to be installed. We have seen it installing programs such as:

Mass Sea Search New Window Search Expanse Search Adventure Buzzdock Hoopla Search Tide Search Adobe Flash Player 22 ActiveX Adobe Refresh Manager

This description was published using automated analysis.

Last update 29 June 2019

 
