Mirar

Description:	Adware
Risk Level:	High
Date of First Occurence:	Tuesday, April 15, 2008
Software Developer:	(unknown)
Brief Info:	Mirar is an adware implemented as an Internet Explorer toolbar.
Removal:	This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "Mirar"

Threat Info

View All

Detected Items

Detected Files: %SYSDIR%\WinNB57.dll MD5: 50C2F4AF9DC11B87717F04A2543A2DF5 Size:303104 MD5: 307F1A3AA935B17B411933117854CE2E Size:311296 MD5: 7981BB1A2CFC130BDBFDED158DC13E47 Size:303104 MD5: 2894972771A64F5EC79D13EF693E1CEB Size:385024 MD5: 56564682BEBE6468AFEDBBF3C0B4D96A Size:303104 MD5: 7B70375D6FDE60C82B9E82613CB7E9FB Size:303104 MD5: E69D5282C42C8987B03B38792FD9A4F8 Size:286720 MD5: 8A3F6B0CF00E1E96440C65DDEAAD7CD8 Size:385024 MD5: 99DB7FDB9E6258B798B23A289ACA6F81 Size:286720 %SYSDIR%\winats.dll MD5: FB1DAE9DC3334357D22D76B2497D8256 Size:32768 %DOWNLOADEDPROGRAMFILES%\MirarSetup.exe MD5: 189991A64274165F2EC7E0C3AF1177E9 Size:159744 MD5: FEC9E83602A159C4984ED2BF401A96A0 Size:167936 MD5: C9970B6E7A79A5FE9A6AE86DEF145B85 Size:159744 %WINDIR%\876029.EXE MD5: F50F7EC61039CE97375B3E9D28488846 Size:17410 MD5: 43E72A80A5588A43C28A923C6D4F23B7 Size:159744 MD5: 6B7EB6483CE91E1553E01276A863F0BE Size:56670 %SYSDIR%\WinNB58.dll MD5: D74B5ECF22B9E5BDC067A671FCC4E1C5 Size:385024 MD5: E169981DC40B74152E81D62FABBC7FBF Size:380928 MD5: 2416C6A8A99FAB3F3AF744840BA79E1B Size:380928 MD5: 84666114DC0E90429F20C8554FF24AF4 Size:385024 MD5: A8F377207917A497CDCA9E7CED8602A6 Size:380928 MD5: 70969E2669FF6D27B60ACF454A62C474 Size:385024 MD5: 840501771F601BC8D39A68FC09513213 Size:380928 MD5: 9A211CEF439DF26E12933C98B2F3708B Size:376832 MD5: 1F0FABD5AAD4F86809B33534AD553E9B Size:385024 MD5: C29EC01A899449FD5E2484F9D78A0572 Size:380928 MD5: 7B934FEDF0FC53DE51105D4D6B0EC0A9 Size:376832 MD5: 587B9B102711893B405D4583D24A153D Size:380928 and more.... %SYSDIR%\WinNB56.dll MD5: 5CFA66960E9CA71DC326273C5C801DCD Size:380928 MD5: F411B3ED568ADD2F14A6A03074F46AB0 Size:380928 %SYSDIR%\WinDmy.dll MD5: 9E261B7B50362AF8F0D3D7D77671E8AE Size:32768 %SYSDIR%\WinNB58.dll MD5: 5E392B9640D8AA0DCF738CFACEA7BC68 Size:380928 MD5: D41D8CD98F00B204E9800998ECF8427E MD5: 8D5E58F74E35620708196FFF5C00D443 Size:380928 MD5: C9C83198B4E961EF0A6FDEF9D503032C Size:385024 MD5: 1964FD0F2DC908106DD8D0860D870DB7 Size:380928 MD5: 14AA3E4D49FF2DFDB8AAF254622A1A89 Size:385024 MD5: C605AD30884329AD9EF543DEC38CE355 Size:376832 MD5: E169981DC40B74152E81D62FABBC7FBF MD5: C605AD30884329AD9EF543DEC38CE355 MD5: 1964D4949993B52E83AEAA6E0609BCD4 Size:380928 MD5: 84666114DC0E90429F20C8554FF24AF4 MD5: A5D58B13005F2F901BDA5B828C34D46E Size:385024 and more.... %WINDIR%\mirar.exe MD5: 4CD46C7B7AD4A06A64252C20A9321EC5 Size:100469 MD5: A9C2B4BBFD6F9D26983DCE68B2ECBE11 Size:102400 %SYSDIR%\WinNB58.dll MD5: 201BE63ED3232C12B0AF525565B8D34E Size:376832
Detected Files with variable Filenames: MD5: 7C07728554DE6836D2CB16CA1673FD72 Size: 303104 c:\WINDOWS\SYSTEM32\WinNB57.dll %SYSDIR%\WinNB57.dll

Detecting items list:

Files by Name %sysdir%\windmy.dll %SysDir%\NN_BAR.DLL %SysDir%\NN_Bar21.dll %SysDir%\NN_Bar22.dll %SysDir%\NN_Bar31.dll %sysdir%\Winnb56.dll %Sysdir%\WinNB57.dll %DOWNLOADEDPROGRAMFILES%\MirarSetup.exe %TEMP%\875455-NOSB.exe %TEMP%\mit3.tmp %TEMP%\mit3.tmp.cab %windir%\876029.EXE %sysdir%\winats.dll %sysdir%\WINNB57.DLL %windir%\mirar.exe %SYSDIR%\WinNB58.dll
Files by MD5 MD5: 4747EF0DC41FDAF92B34883FBCFF4CBC Size: 68848
Files by CLSID or Name CLSID=8a0dcbda-6e20-489c-9041-c1e8a0352e75 CLSID=9A9C9B68-F908-4AAB-8D0C-10EA8997F37E CLSID=179E4B4A-76C3-4F65-BCED-C9FA1A28D2EF CLSID=1037B06C-84B7-4240-8D80-485810A0497D CLSID=224302B0-94E9-45C2-9E5B-BA989EE556E1 CLSID=54B287F9-FD90-4457-B65E-CB91560C021D CLSID=6E4C7AFC-9915-4036-B7F9-8B3F1710788F CLSID=566DEDE9-9ED8-45DA-9BE6-9B2EEAB17F49 CLSID=F8310E7D-4C4D-46A4-A068-B5BB99411CC7 CLSID=9A9C9B69-F908-4AAB-8D0C-10EA8997F37E CLSID=9A9C9B68-F908-4AAB-8D0C-10EA8997F37E
Registry Keys HKCU\Software\LifeTimePorn HKCR\\NN_Bar_Dummy.NN_BarDummy HKCR\\NN_Bar_Dummy.NN_BarDummy.1

« Go to Software Database

Search in Our Software Database

Browse Software Database

Latest Malware News

September 23, 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Older malware news »