home

albrechto.ieupdate.dll

albrechto

This is the Internet Explorer add-on for the Yontoo albrechto branded web browser plugin (injects banner, text-link and popup ads). The component is responisble for registering the Browser Helper Object into IE and keeping it registered. The module albrechto.ieupdate.dll by albrechto has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
albrechto  (signed and verified)

Version:
1.0.5474.36855

MD5:
04cfa1c8d74868b22c99068f3dbd3b80

SHA-1:
3223047cae016ab21660a77e5e8d4e2e71ba810d

SHA-256:
b4b61e712227901e66695b6e85144a39bf3037cfd0f3cf51410b78254d726e26

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser add-on for Internet Explorer.

Analysis date:
11/23/2024 9:45:29 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.12.9

File size:
658.3 KB (674,080 bytes)

Product version:
1.0.5474.36855

Original file name:
albrechto.IEUpdate2014122804.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\albrechto\bin\plugins\albrechto.ieupdate.dll

Digital Signature
Signed by:
albrechto

Authority:
VeriSign, Inc.

Valid from:
9/18/2013 7:00:00 PM

Valid to:
9/19/2015 6:59:59 PM

Subject:
CN=albrechto, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=albrechto, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0AAC8B95EA7A39BA646CDEAEEB8F189B

File PE Metadata
Compilation timestamp:
12/27/2014 10:28:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0xA478E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8204

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
650 KB (665,600 bytes)

Remove albrechto.ieupdate.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.