a2zlyricshrk158.exe

The application a2zlyricshrk158.exe has been detected as adware by 11 anti-malware scanners. This executable runs as a local area network (LAN) Internet proxy server listening on port 13828 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host. This file is typically installed with the program a2zLyrics by Revizer Technologies, which is a potentially unwanted software program.
MD5:
3cb25ac76399e856bafa7cd357747592

SHA-1:
31d464b340df1ecb269a988aa2d5b36c6e5ce2ac

SHA-256:
e1a59758e43e2f9f2edc20d3f4cd93800e9ae3f415ce921c2c2d1a57eab49869

Scanner detections:
11 / 68

Status:
Adware

Analysis date:
11/26/2024 11:12:20 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | PUA.Agent | 7.1.1 |
| avast! | Win32:Adware-BMG [PUP] | 2014.9-140516 |
| AVG | Generic5 | 2015.0.3473 |
| Baidu Antivirus | Adware.Win32.AddLyrics | 4.0.3.14516 |
| ESET NOD32 | Win32/AdWare.AddLyrics.AK (variant) | 8.9734 |
| Fortinet FortiGate | Adware/Agent | 5/16/2014 |
| Kaspersky | not-a-virus:AdWare.Win32.Agent | 14.0.0.3859 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.5.16.4 |
| Sophos | Generic PUA DB | 4.98 |
| Trend Micro House Call | TROJ_GEN.R0C9H07DN14 | 7.2.136 |
| Vba32 AntiVirus | AdWare.Agent | 3.12.26.0 |

File size:
138.5 KB (141,824 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\a2zlyrics-soft\a2zlyricshrk158.exe

File PE Metadata
Compilation timestamp:
4/7/2014 4:50:34 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
1536:H9oFFiycTyex6rFLAWgq9ATVNsOJxG9ZxY6a0jgCA8FolkSlR8+AFU1GkdS0oBzo:doO8ex6ZgqaFw+agCwXkU1G8S0iJay9

Entry address:
0xBCD9

Entry point:
E8, 09, 58, 00, 00, E9, 95, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 48, 1E, 42, 00, 00, 74, 05, E9, 66, 58, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83, C7...
 

Code size:
83.5 KB (85,504 bytes)

Local Proxy Server
Proxy for:
Internet Settings

Local host address:
http://127.0.0.1:13828/

Local host port:
13828

Default credentials:
No


The file a2zlyricshrk158.exe has been discovered within the following program.

a2zLyrics  by Revizer Technologies
This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads. These ads are typically injected in the header or footer area of the web page.
86% remove it
 

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to storage03x.xenium.pl  (194.0.171.186:80)

TCP (HTTP):
Connects to ec2-54-208-30-101.compute-1.amazonaws.com  (54.208.30.101:80)

TCP (HTTP SSL):
Connects to ec2-52-20-120-15.compute-1.amazonaws.com  (52.20.120.15:443)
