64boost.dll

Boost Shopping

The module 64boost.dll (“Boost is an application designed to help you compare products and prices while you shop online.”) by Boost Shopping has been detected as adware by 4 anti-malware scanners.
Publisher:
Boost (signed by Boost Shopping)

Product:
Boost

Description:
Boost is an application designed to help you compare products and prices while you shop online.

Version:
3.0.1.6

MD5:
8ed7d847e53537ca213ea94fe3eac322

SHA-1:
281fafa364410276825664b10fdd6ca5e7054239

SHA-256:
ce3658dffc8a17bc487f1a11bd69b89b016dd98ec75777f48584c907211f90ee

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
12/24/2024 11:47:57 AM UTC

Scan engine         Detection                        Engine version
AVG                 Generic                          2016.0.2950
Dr.Web              Adware.Shopper.920               9.0.1.0294
Malwarebytes        PUP.Optional.Boost.A             v2015.10.21.11
Reason Heuristics   PUP.Betwikx.BoostShopping (M)    15.10.21.11

File size:
542.9 KB (555,952 bytes)

Product version:
3.0.1.6

Copyright:
(C) 2014 Boost Shopping. All right reserved.

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\boost\64boost.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
5/13/2015 3:00:00 AM

Valid to:
8/12/2016 2:59:59 AM

Subject:
CN=Boost Shopping, O=Boost Shopping, L=Bellevue, S=Washington, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
56BE18B038839D1B74FAC83C3F051C21

Registration
CLSID:
{2299856A-6506-42E3-A34F-CD35A47C1B19}

ProgID:
Boost.BoostBho.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
6/15/2015 10:41:42 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:wYeVPuHvVsq/IDad/+eQEv+LCKMRYQT14jwfOPfGtCbMr8jf09uRKPsrMQspKzoA:wYeoH9sC8ad/+E+3M49qlQspKzoA

Entry address:
0x2CF5C

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 53, BC, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 48, F7, D9, 48, A9, 07, 00, 00, 00, 74, 0F, 66, 90, 8A, 10, 48, FF, C0, 84, D2, 74, 5F, A8, 07, 75, F3, 49, B8, FF, FE, FE, FE, FE, FE, FE, 7E, 49, BB, 00, 01, 01...
 

Entropy:
5.9490

Code size:
269 KB (275,456 bytes)
