AOLSoftware.exe
AOL Service Libraries by AOL LLC (Signed)
Version: | 1.5.6.1 |
MD5: | c482c535cbfefe722ec1eb7f11f680a3 |
SHA1: | 8fa6b9679b43df86947d5f3bd38d3f6ee48fc98f |
SHA256: | d7374a4bfef274f7e33fda40aa8ed8d8f78448e745a27032fe80475d5b1faa63 |
Warning 4 antivirus scanners has detected malware.
Overview
aolsoftware.exe is malware that executes as a process with the local user's privileges. It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). This is typically installed with the program AIM 6 published by AOL Inc.. The file is digitally signed by AOL LLC which was issued by the VeriSign certificate authority (CA).
Details
File name: | aolsoftware.exe |
Publisher: | America Online, Inc. |
Product name: | AOL Service Libraries |
Description: | AOL |
Typical file path: | C:\Program Files\common files\aol\1344401225\ee\aolsoftware.exe |
File version: | 1.5.6.1 |
Size: | 49.55 KB (50,736 bytes) |
Certificate |
Issued to: | AOL LLC |
Authority (CA): | VeriSign |
Effective date: | Sunday, July 23, 2006 |
Expiration date: | Tuesday, July 24, 2007 |
Digital DNA |
PE subsystem: | Windows GUI |
File packed: | No |
Code language: | Microsoft Visual C++ |
.NET CLR: | No |
More details
Programs
The following program will install this file
AOL Instant Messenger (AIM) is an instant messaging programs to allow registered users to communicate in real time. The standard protocol that AIM clients use to communicate is called Open System for CommunicAtion in Realtime (OSCAR). Most AOL-produced versions of AIM and popular third party AIM clients use this protocol.
Behaviors
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'HostManager' → C:\Program Files\Common Files\AOL\1240167295\ee\AOLSoftware.exe
Network connections
[UDP] listens on port 1229
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Vilsel.gen |
Jiangmin |
13.0.900 |
Trojan/Vilsel.fmj |
nProtect |
2010-11-29.01 |
Trojan/W32.Vilsel.50736 |
The Hacker |
6.7.0.1.093 |
Trojan/Vilsel.abzx |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00109916% | |
Kernel CPU: | 0.00069448% | |
User CPU: | 0.00040468% | |
Kernel CPU time: | 3,938 ms/min | |
Context switches: | 300/sec | |
Memory |
Private memory: | 3.59 MB | |
Private (maximum): | 6.08 MB | |
Private (minimum): | 2.48 MB | |
Non-paged memory: | 3.59 MB | |
Virtual memory: | 66.65 MB | |
Virtual memory (peak): | 76.46 MB | |
Working set: | 4.37 MB | |
Working set (peak): | 8.27 MB | |
Page faults: | 17,448/min | |
I/O |
I/O read transfer: | 3.57 KB/sec | |
I/O read operations: | 98/sec | |
I/O write transfer: | 1.69 KB/sec | |
I/O write operations: | 4/sec | |
I/O other transfer: | 274.06 KB/sec | |
I/O other operations: | 387/sec | |
Resource allocations |
Threads: | 10 | |
Handles: | 441 | |
GUI GDI count: | 11 | |
GUI USER count: | 27 | |
Process properties
Integrety level: | Undefined |
Platform: | 32-bit |
Command line: | "C:\Program Files\common files\aol\1344401225\ee\aolsoftware.exe" /embedding /c defaultcfg |
Owner: | User |
Parent process: | waol.exe (America Online by America Online) |
Threads
Averages
aolsoftware.exe (main module) |
Total CPU: | 0.00344956% | |
Kernel CPU: | 0.00122703% | |
User CPU: | 0.00222254% | |
Context switches: | 88/sec | |
Memory: | 44 KB | |
msvcrt.dll (Windows NT CRT DLL by Microsoft) |
Total CPU: | 0.00085661% | |
Kernel CPU: | 0.00054793% | |
User CPU: | 0.00030869% | |
Context switches: | 71/sec | |
Memory: | 352 KB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Windows Vista Home Premium |
66.67% |
|
Microsoft Windows XP |
33.33% |
|
Distribution by country
United States installs about 100.00% of AOL Service Libraries.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Dell |
50.00% |
|
Sony |
50.00% |
|