appbud.ffupdate.dll

App Bud

FFUpdate is the Mozilla Firefox plugin manager for the App Bud branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module appbud.ffupdate.dll by App Bud has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
App Bud  (signed and verified)

Version:
1.0.5668.34030

MD5:
0a4be5100420dfa1e1501ae8106ab1fc

SHA-1:
677929dcb6db759ed57ca5f5e372375ec21821d5

SHA-256:
fd688c5455898e017f684b10d0a789f155bb5aa6de67360cf33a48445cf75f6c

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
11/23/2024 10:24:58 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Yontoo (M)
17.3.9.3

File size:
515.2 KB (527,600 bytes)

Product version:
1.0.5668.34030

Original file name:
2015071002.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\app bud\bin\plugins\appbud.ffupdate.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/29/2014 5:30:00 AM

Valid to:
7/30/2015 5:29:59 AM

Subject:
CN=App Bud, O=App Bud, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0A0CA50CF2224C71789EEF06C8E73F38

File PE Metadata
Compilation timestamp:
7/10/2015 8:24:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x80A1E

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.7370

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
507 KB (519,168 bytes)

Remove appbud.ffupdate.dll - Powered by Reason Core Security