allgenius.ffupdate.dll

allgenius

FFUpdate is the Mozilla Firefox plugin manager for the allgenius branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module allgenius.ffupdate.dll by allgenius has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
allgenius  (signed and verified)

Version:
1.0.5773.2301

MD5:
f108aeeb322afa0490c71b9d36a21a0d

SHA-1:
12e613a85775b0521c399d8c96429bf41094c130

SHA-256:
764b5f9dbb7ec79082bd7cddc0e91d28260486e655d75ef4a30c14649ffd8561

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
11/27/2024 4:36:26 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.12.6

File size:
551.7 KB (564,976 bytes)

Product version:
1.0.5773.2301

Original file name:
2015102209.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\allgenius\bin\plugins\allgenius.ffupdate.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/22/2015 9:00:00 PM

Valid to:
6/21/2016 8:59:59 PM

Subject:
CN=allgenius, O=allgenius, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
014264F6ED75A8C74710DEAB406FF84D

File PE Metadata
Compilation timestamp:
10/22/2015 6:17:45 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x89D0A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
543.5 KB (556,544 bytes)

Remove allgenius.ffupdate.dll - Powered by Reason Core Security