
SoftwareBundler:Win32/OxyPumper


First posted on 11 September 2014.
Source: Microsoft

Aliases:

There are no other names known for SoftwareBundler:Win32/OxyPumper.

Explanation:

Threat behavior

Installation

You might download this application by mistake when you try to install a free music program or other application. When you run this application, it might look like the following:



We have also seen this program advertising for an MP3 music download:



In some cases, the program also asks you to install another app named Giga Clicks, Hyper Browser, or Idle Browse. This other app is click-fraud malware that we detect as Win32/Clikug.

Payload

Installs Win32/Clikug

This program has been known to download and install Win32/Clikug. This malware family can use your internet connection to perform click fraud.



Analysis by Geoff McDonald

Symptoms

The following could indicate that you have this program on your PC:

  • You are prompted to install a program called Giga Clicks, Hyper Browser, or Idle Browser
  • You see a dialog similar to:







Last update 11 September 2014

 
