diyqkuoi.exe

Video Dimmer

Small Island Development

This is part of an adware program designed to inject advertising (banners, text links) into the web browser, modify the browser's normal behavior, and modify the system settings that control which applications run on startup. It belongs to the Injekt brand of unwanted programs. The application diyqkuoi.exe by Small Island Development has been detected as adware by 15 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.
Publisher:
Small Island Development (signed and verified)

Product:
Video Dimmer

Description:
VideoDimmer

Version:
1.0.0.0

MD5:
c376ae60ab21a05a095b17cfa1d36806

SHA-1:
5a70b4e29e3b65058a2f3897f358a83bd331f389

SHA-256:
48792dba3428c31d83efc8991b323e4623d78411866edca8b2bbb7508b138b2f

Scanner detections:
15 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser and alters the browser's settings (home page, search, DNS, and security protocols).

Analysis date:
4/25/2024 4:34:49 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | PUA.PullUpdate | 7.1.1 |
| AVG | Potentially harmful program Downloader.CBD | 2014.0.4311 |
| Baidu Antivirus | Adware.MSIL.PullUpdate | 4.0.3.15331 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | ApplicUnwnt | 21595 |
| Dr.Web | Adware.Yontoo.59, Adware.Yontoo.55 | 9.0.1.05190 |
| ESET NOD32 | MSIL/Adware.PullUpdate.G.gen (variant) | 9.11402 |
| Fortinet FortiGate | Adware/PullUpdate | 3/31/2015 |
| Kaspersky | not-a-virus:AdWare.MSIL.PullUpdate | 15.0.0.543 |
| Malwarebytes | PUP.Optional.VideoDimmer.A | v2015.03.31.03 |
| Panda Antivirus | Adware/TVWizard | 15.03.31.03 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.Injekt | 15.3.31.3 |
| Sophos | Generic PUA FK | 4.98 |
| Vba32 AntiVirus | TScope.Trojan.MSIL | 3.12.26.3 |

File size:
47 KB (48,112 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Small Island Development 2015

Original file name:
VideoDimmer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\ProgramData\application data\grvnfbxjuv\dat\diyqkuoi.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
12/23/2014 7:00:00 PM

Valid to:
2/22/2016 6:59:59 PM

Subject:
CN=Small Island Development, O=Small Island Development, L=St. James, S=St. James, C=BB

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2ACB4CDCE993E485342ABFA2BCA95A17

File PE Metadata
Compilation timestamp:
3/27/2015 4:23:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:vXlV+3JIXmQL+hAxjtzHXsnfQx+qPKhN9qrjztYkpNoAXkiqwu2A6QZ2bDh:vL+eL+hAxjlsnfQx+qPKT9qrFfm4kQuO

Entry address:
0xB83E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.6720

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
38.5 KB (39,424 bytes)
