home

64boost.dll

Boost Shopping

The module 64boost.dll, “Boost is an application designed to help you compare products and prices while you shop online.” by Boost Shopping has been detected as adware by 4 anti-malware scanners.
Publisher:
Boost  (signed by Boost Shopping)

Product:
Boost

Description:
Boost is an application designed to help you compare products and prices while you shop online.

Version:
3.0.1.6

MD5:
19599fc90a0d8319c38de99c390809bb

SHA-1:
16caa147044d20e3bdea59dfabb458696e0efb77

SHA-256:
f26fe4bb84bd30092a588e02293c31f5f53b26220dcdeb54d127e006a072743b

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
11/23/2024 8:09:19 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2016.0.3070

Dr.Web
Adware.Shopper.920
9.0.1.0174

Malwarebytes
PUP.Optional.Boost.A
v2015.06.23.07

Reason Heuristics
PUP.BoostShopping (M)
15.6.23.3

File size:
542.9 KB (555,952 bytes)

Product version:
3.0.1.6

Copyright:
(C) 2014 Boost Shopping. All right reserved.

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\boost\64boost.dll

Digital Signature
Signed by:
Boost Shopping

Authority:
Symantec Corporation

Valid from:
5/13/2015 12:00:00 AM

Valid to:
8/11/2016 11:59:59 PM

Subject:
CN=Boost Shopping, O=Boost Shopping, L=Bellevue, S=Washington, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
56BE18B038839D1B74FAC83C3F051C21

File PE Metadata
Compilation timestamp:
6/17/2015 4:02:14 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:+YeVPuHvVsq/IDad/+eQEv+LCKMRYQT14jwfOFfGtCbMr8jf09uRKPKrMQspKzoz:+YeoH9sC8ad/+E+3MaFqjQspKzoz

Entry address:
0x2CF5C

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 53, BC, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 48, F7, D9, 48, A9, 07, 00, 00, 00, 74, 0F, 66, 90, 8A, 10, 48, FF, C0, 84, D2, 74, 5F, A8, 07, 75, F3, 49, B8, FF, FE, FE, FE, FE, FE, FE, 7E, 49, BB, 00, 01, 01...
 
[+]

Code size:
269 KB (275,456 bytes)

Remove 64boost.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.