home

wblinkies.exe

INIWebLink

DBS Media Co.,Ltd

The application wblinkies.exe by DBS Media Co.,Ltd has been detected as adware by 34 anti-malware scanners. It is also typically executed from an Internet Explorer cache folder.
Publisher:
DBS Media Co.,Ltd  (signed and verified)

Product:
INIWebLink

Version:
1.0.0.0

MD5:
43b936c9473d1aa92c4d5d1054189c43

SHA-1:
8864bb9e7609b26a3c99343956f89249560a0b32

SHA-256:
63a911170ff10007ccfae82c9aec82bdbd68f480e17869a0cafc91a58761b1a6

Scanner detections:
34 / 68

Status:
Adware

Analysis date:
4/24/2024 5:37:33 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Strictor.44472
361

Agnitum Outpost
PUA.Kraddare
7.1.1

AhnLab V3 Security
PUP/Win32.WebLink
16.02.08

Avira AntiVirus
Adware/Symmi.36013.19
7.11.145.56

avast!
Win32:Adware-gen [Adw]
2014.9-160208

AVG
Generic10_c.AIEF.dropper
2017.0.2839

Bitdefender
Gen:Variant.Adware.Strictor.44472
1.0.20.195

Bkav FE
W32.HfsAdware
1.3.0.6379

Comodo Security
ApplicUnwnt
18165

Dr.Web
Adware.Downware.3790
9.0.1.039

Emsisoft Anti-Malware
Gen:Variant.Adware.Strictor.44472
8.16.02.08.08

ESET NOD32
Win32/Adware.Kraddare.HH (variant)
10.9720

Fortinet FortiGate
Riskware/Kraddare
2/8/2016

F-Secure
Gen:Variant.Adware.Strictor.44472
11.2016-08-02_2

G Data
Gen:Variant.Adware.Strictor.44472
16.2.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.6.1.0

K7 AntiVirus
Unwanted-Program
13.176.11637

Kaspersky
not-a-virus:AdWare.Win32.Kraddare
14.0.0.691

Malwarebytes
PUP.K.INIWebLink
v2016.02.08.08

McAfee
RDN/Generic PUP.x!b2i
5600.6495

MicroWorld eScan
Gen:Variant.Adware.Strictor.44472
17.0.0.117

NANO AntiVirus
Riskware.Win32.Strictor.csvvfw
0.28.0.59492

nProtect
Adware/W32.KrAdword.990304
14.04.03.01

Panda Antivirus
Trj/CI.A
16.02.08.08

Qihoo 360 Security
Win32/Virus.Adware.1e8
1.0.0.1015

Quick Heal
AdWare.Wingo.r3 (Not a Virus)
2.16.14.00

Reason Heuristics
PUP.DBSMedia (M)
16.2.8.20

Sophos
Generic PUA KA
4.98

Trend Micro House Call
TROJ_GEN.F47V0319
7.2.39

Trend Micro
TROJ_GEN.R0CBC0ECV14
10.465.08

Vba32 AntiVirus
suspected of Trojan-Clicker.Agent.16
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
28592

ViRobot
Adware.Agent.990288
2011.4.7.4223

XVirus List
Win32.Detected
2.5.1

File size:
476.1 KB (487,504 bytes)

Product version:
1.0.0.0

Copyright:
DBS Media Co.,Ltd

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\wblinkies.exe

Digital Signature
Signed by:
DBS Media Co.,Ltd

Authority:
Thawte, Inc.

Valid from:
3/6/2014 9:00:00 AM

Valid to:
5/6/2015 8:59:59 AM

Subject:
CN="DBS Media Co.,Ltd", O="DBS Media Co.,Ltd", L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
26A9BEA3BBF57A71B6427DA6E02270F3

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:iRbIb+THsKBMRiF6lzpMGEnaQuWbmXOn0ikB41i:idIbU5BKtpDtPZ2Y

Entry address:
0x12CCC0

Entry point:
60, BE, 00, A0, 4B, 00, 8D, BE, 00, 70, F4, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11...
 
[+]

Entropy:
7.9080

Packer / compiler:
UPX 2.90LZMA

Code size:
460 KB (471,040 bytes)

Remove wblinkies.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.