Threat type: Trojan

Aliases:

Platforms: Windows

Overall Risk Rating: Low

Damage Potential: Low

Distribution Potential: Low

Reported Infection: Low

Information Exposure: Medium

Overview:

This MANAGEX variant is a modular adware that is able to gather important information as a browser extension.

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It connects to certain websites to send and receive information. However, as of this writing, the said sites are inaccessible.

We have constantly observed suspicious activities caused by adware, with common behaviors that include access to seemingly random domains with alternating consonant and vowel names, scheduled tasks, and in-memory execution via WScript that has proven to be an effective method to hide their operations for at least four years.

The post Exposing Modular Adware: How DealPly, IsErIk, and ManageX Persist in Systems appeared first on .