64boost.dll

Boost Shopping

The module 64boost.dll, “Boost is an application designed to help you compare products and prices while you shop online.” by Boost Shopping has been detected as adware by 2 anti-malware scanners.
Publisher:
Boost  (signed by Boost Shopping)

Product:
Boost

Description:
Boost is an application designed to help you compare products and prices while you shop online.

Version:
3.0.1.3

MD5:
fdd31bdcfadfb762d2c2f341bbf83b73

SHA-1:
e1807b9d2f1e54d38041cca8581814100ebb5ccc

SHA-256:
2343bc722346d5ff1a45a17453daa235645faa3d3cd8c9fcba3634cd72383060

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
12/24/2024 11:20:39 AM UTC  (today)

Scan engine
Detection
Engine version

Malwarebytes
PUP.Optional.Boost.A
v2015.05.28.01

Reason Heuristics
PUP.BoostShopping
15.5.27.21

File size:
542.9 KB (555,952 bytes)

Product version:
3.0.1.3

Copyright:
(C) 2014 Boost Shopping. All right reserved.

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\boost\64boost.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
5/13/2015 1:00:00 AM

Valid to:
8/12/2016 12:59:59 AM

Subject:
CN=Boost Shopping, O=Boost Shopping, L=Bellevue, S=Washington, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
56BE18B038839D1B74FAC83C3F051C21

File PE Metadata
Compilation timestamp:
5/26/2015 8:25:47 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:NYeVPuHvVsq/IDad/+eQEv+LCKMRYQT14jwfOwfvtCbMr+jf09uRKPQrMQspKzos:NYeoH9sC8ad/+E+3MrkqxQspKzos

Entry address:
0x2CF5C

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 53, BC, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 48, F7, D9, 48, A9, 07, 00, 00, 00, 74, 0F, 66, 90, 8A, 10, 48, FF, C0, 84, D2, 74, 5F, A8, 07, 75, F3, 49, B8, FF, FE, FE, FE, FE, FE, FE, 7E, 49, BB, 00, 01, 01...
 
[+]

Entropy:
5.9489

Code size:
269 KB (275,456 bytes)

Remove 64boost.dll - Powered by Reason Core Security