appbud.ffupdate.dll

App Bud

FFUpdate is the Mozilla Firefox plugin manager for the App Bud branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module appbud.ffupdate.dll by App Bud has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
App Bud  (signed and verified)

Version:
1.0.6075.24897

MD5:
b7b7f08a242b46b513ea7c0133486a55

SHA-1:
e1271ec9161eeac00f6dc2d65da7c2c177fe269b

SHA-256:
ff7c054580d062c4ea1bc8d72aca99b771510fce5528647e59f8e386c9debf26

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
12/25/2024 2:23:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Yontoo (M)
17.3.8.23

File size:
553.4 KB (566,696 bytes)

Product version:
1.0.6075.24897

Original file name:
2016081921.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\app bud\bin\plugins\appbud.ffupdate.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
7/15/2015 8:00:00 PM

Valid to:
9/13/2016 7:59:59 PM

Subject:
CN=App Bud, O=App Bud, L=Santa Monica, S=California, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
7F4DBF524894421563EBDD4F51AAB9A1

File PE Metadata
Compilation timestamp:
8/19/2016 5:49:59 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x8A4BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.4927

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
545.5 KB (558,592 bytes)

Remove appbud.ffupdate.dll - Powered by Reason Core Security