SecurityHome.eu PUA:Win32/MicroNames

Home / malware PDF

PUA:Win32/MicroNames

First posted on 07 July 2016.
Source: Microsoft
Aliases :
There are no other names known for PUA:Win32/MicroNames.
Explanation :
Installation

It can be digitally signed by the following vendors:

MicroNames Co.,Ltd

MicroNames Ltd.

Thawte Premium Server CA

We have seen this application using product names such as:

ConvertConPrc

RetainComp

MainControlProc

RetainPt

ProjectCon

This application communicates with domains such as:

duzip.com

domainserver.co.kr

makevalue.com

maketop.kr

mainserver.kr

For example:

makevalue.com/Config/sTakeList.asp?

duzip.com/Config/sTakeList.asp?

koreaserver.kr/Config/sTakeList.asp?

Payload

Exhibits suspicious behaviors

We have observed this application exhibit the following potentially unwanted behavior on PCs:

Installs programs that start automatically when your PC starts

This description was published using automated analysis.
Last update 07 July 2016

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20