virus logo Virus

Adware/CnsMin

description-logoAnalysis

Adware/CnsMin - 06-06-02


General Info:

This threat is a "PE" executable file

Files:

  • Drop files: ".dll" + data

Installation to System:

  • Drops the following files:
    undefinedWindowsundefined\Downloaded Program Files\CnsMin.dll undefinedWindowsundefined\Downloaded Program Files\Cns02.dat
  • And creates these registry entries:
    HKEY_CLASSES_ROOT\CnsHelper.CH.1 HKEY_CLASSES_ROOT\CnsHelper.CH HKEY_CLASSES_ROOT\CLSID\{B83FC273-3522-4CC6-92EC-75CC86678DA4} HKEY_CLASSES_ROOT\Interface\{DF692509-D9EF-48A0-9CD0-3AA5B81F6F68} HKEY_CLASSES_ROOT\TypeLib\{AAB6BCE3-1DF6-4930-9B14-9CA79DC8C267} HKEY_CURRENT_USER\Software\3721 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main CNSMenu = dword:86397712 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main CNSHint = dword:00000001 HKEY_CURRENT_USER\Software\Microsoft\

More Info:

This adware monitors Internet Explorer search strings and redirects the user to a Chinese search site.

Telemetry logoTelemetry

Detection Availability

FortiClient
Extreme
FortiMail
Extreme
FortiSandbox
Extreme
FortiWeb
Extreme
Web Application Firewall
Extreme
FortiIsolator
Extreme
FortiDeceptor
Extreme
FortiEDR

Version Updates

Date Version Detail
2022-05-25 90.02623
2021-11-23 89.07133
2021-10-12 89.05871
2021-09-25 89.03580
2021-07-28 87.00967
2021-07-13 87.00600
2021-06-29 87.00261
2021-05-17 86.00238
2021-05-12 86.00132
2021-04-29 85.00798
ID 38935
Released Jun 02, 2006
Description
Updated		 Jun 02, 2006
Aliases ADSPY/Yisou.A.1, Win32:CnsAdd-2, Adware.Cdn
Platform Profile Adware typically display advertising content to the user. This advertising content may take many forms, but is typically in the form of web browser pop-up advertisements. In most circumstances, the user is not aware of the Adware component being installed on the local machine.