Proxyware.Win32.BrightApp.C

This Proxyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It requires being executed with a specific argument/parameter, an additional component, or in a specific environment in order to proceed with its intended routine.

Arrival Details

This Proxyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Other Details

This Proxyware accepts the following parameters:

• -h → help
• --updater appid → run init_monitor with provided appid.
• --install appid → install service with provided appid
• --install-ui appid → install service with provided appid after showing dialog and getting user permission
• --check-peer appid → validate peer
• --uninstall appid → remove service with provided appid (must match appid used during install)
• --start-service appid → starts Bright Data service
• --stop-service appid → stops Bright Data service
• --dlg-pos → owner|screen|top:left
• --dlg-language → language code e.g. "de-DE" or "de"
• --dlg-bg-color color → e.g. "#ff112233"
• --dlg-btn-color color
• --dlg-txt-color color
• --dlg-app-name name
• --dlg-logo-link logo
• --dlg-benefit benefit
• --dlg-agree-btn text
• --dlg-disagree-btn text
• --campaign campaign_id → optional parameter for the further breakdown of the existing app ID to monitor the statistics separately

It requires being executed with a specific argument/parameter, an additional component, or in a specific environment in order to proceed with its intended routine.