appbud.ffupdate.dll

App Bud

FFUpdate is the Mozilla Firefox plugin manager for the App Bud branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module appbud.ffupdate.dll by App Bud has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
App Bud  (signed and verified)

Version:
1.0.5858.6381

MD5:
4c45cc03ba6f9ed54b1b954a6d540750

SHA-1:
d2fc5870215748304e5d74c18e9eeaddf2bc4fdb

SHA-256:
26845ba1ac36845a1e425d5b4196282a98c06afce2ee01ce7f5d9e1433499720

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
12/25/2024 1:38:32 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.12.6

File size:
556.9 KB (570,280 bytes)

Product version:
1.0.5858.6381

Original file name:
2016011511.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\app bud\bin\plugins\appbud.ffupdate.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
7/16/2015 8:00:00 AM

Valid to:
9/14/2016 7:59:59 AM

Subject:
CN=App Bud, O=App Bud, L=Santa Monica, S=California, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
7F4DBF524894421563EBDD4F51AAB9A1

File PE Metadata
Compilation timestamp:
1/15/2016 7:32:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x8B246

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.4958

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
549 KB (562,176 bytes)

Remove appbud.ffupdate.dll - Powered by Reason Core Security