5/5 - (1 votes)

SharePal, Advertising Software (Adware).

The SharePal program belongs to a family of Advertising Software (Adware). It can display ads in the form of coupons and banner ads in the form of popups.

These announcements are usually signed with the words “Powered by”, “Brought to you by” or even “Ads by”, followed by the adware name. Some security solutions classify this software as a Trojan Horse.

This program is classified in the category of advertising software (Adware), from the English "ADS" short for the English Advertissement (Promotional poster). Adware usually installs as a program or browser extension and is loaded every time the system starts. They can launch services, start scheduled tasks, and create shortcuts on your Desktop. All these operations are done with or without your consent according to the terms of its user contract. Once installed, adware can modify certain settings of your browsers such as search pages, the start page or even your "404" error page. Adware can collect your browsing habits and communicate them to a server using the tracking method because it is most often a marketing solution aimed at retaining customers.

While browsing, it generally displays ads in the form of coupons and advertising banners in the form of popups. These ads are generally signed with the words "Powered by", "Brought to you by" or "Ads by", followed by the name of the adware. But some adware exaggerates the size and frequency of displaying ads, which can harm the speed of Internet browsing and the visibility of the content of the pages consulted. Please also note that the advertising publisher may decline any responsibility for the content of the links targeted by its advertisements. Ultimately, the goal of these programs is to make money by driving web traffic to sponsored sites. Some adware is installed via packaged software and are not necessarily wanted by the user and antiviruses generally classify them as Potentially Unwanted Software (LPI/PUP).
[the_ad id = "33969"]

The role of Trojan horse (Trojan) is to get this parasite onto the computer and install it there without the user's knowledge. The contained program is called the "payload". It can be any type of parasite: virus, keylogger, spyware. It is this parasite, and it alone, which will execute actions within the victim computer. The Trojan horse is nothing other than the vehicle, the one who does "bring the wolf into the fold". It is not harmful in itself because it does not perform any action other than allowing the installation of the real parasite.

Spyware (spyware) and adware (adwares) unwanted files, just like malware, can use the writing flaws of legitimate software or those of operating systems. It is therefore essential to have official software and that it has automatic updating. Likewise, your Windows operating system must be programmed in automatic update mode and activated, so that you can have the latest updates for critical security vulnerabilities.

TECHNICAL ELEMENTS

Features

– Starts a process at system launch (RP),
- Created multiple application shortcuts, Desktop, QuickLaunch, Taskbar, Programs (O4GS),
- It is installed in the Registry Base in order to be launched each time the system starts (O4),
- It installs as a program (O42)
– Created multiple “Software” registry keys,
- Adds additional folders (O43),
- Registration in the Windows prefetcher folder (O45)
– Adds multiple user files (O61),

Preview in reports

Recorded on 15/09/2018
O4 – HKLM\..\Run: [SharePal] . (. – SharePal.) — C:\Users\Coolman\AppData\Local\SharePal\SharePal.exe
O4 – HKLM\..\Run: [SharePal Updater]. (. – SharePal Updater Agent.) — C:\Users\Coolman\AppData\Local\SharePal\SharePal_updater.exe
[MD5.D613EBD234209D4E8B5AAAD5580C5A64] – (. – SharePal.) — C:\Users\Coolman\AppData\Local\SharePal\SharePal.exe [3253760] [PID.2952]
[MD5.233A1552492A73E6BDF945833532BD21] – (. – SharePal Updater Agent.) — C:\Users\Coolman\AppData\Local\SharePal\SharePal_updater.exe [1386496] [PID.2972]
O42 – Software: SharePal – (.SharePal.) [HKLM][64Bits] — SharePal
HKCU\SOFTWARE\SharePal
HKU\S-1-5-21-1679877808-1371679782-3373212071-1000\SOFTWARE\SharePal
O43 – CFD: 15/09/2018 – [] D — C:\Users\Coolman\AppData\Local\SharePal

Alias

Virus Total Analysis SharePal.exe :
Avira (no cloud) ADWARE/SharePal.B 20180914
Bkav W32.eHeur.Malware09 20180914
CAT-QuickHeal Trojan.Zpevdo 20180912
Cyren W32/Trojan.CLGB-3269 20180915
McAfee Artemis!D613EBD23420 20180915
McAfee-GW-Edition BehavesLike.Win32.Dropper.wh 20180915
Qihoo-360 Win32/Trojan.Generic.8b0 20180915
Rising Trojan.Zpevdo!8.F912 (CLOUD) 20180915
TACHYON Trojan/W32.DP-Agent.3253760 20180915
TrendMicro-HouseCall Suspicious_GEN.F47V0912 20180915

Virus Total Analysis SharePal_updater.exe :
Avira (no cloud) ADWARE/SharePal.A 20180915
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20180915
Qihoo-360 Win32/Virus.Adware.d9a 20180915
Rising Malware.Heuristic!ET#88% (RDM+:cmRtazoXDga14AfxpjFu2MYBJAs0) 20180915
VBA32 TScope.Trojan.Delf 20180914