» bho32.dll
Overview
Analysis
File Details
Behaviors (1)

bho32.dll

Forge

Affinity Commerce Systems, Inc.

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Ashley Tisdale BHO’.

File name:

bho32.dll

Publisher:

trigger.io (signed by Affinity Commerce Systems, Inc.)

Product:

Forge

Description:

Forge BHO

Version:

0.9.0.1

MD5:

378ce7b40041e681be87387c530028e2

SHA-1:

609695ab7a853c91fdc5b25fad071fc9feabd437

SHA-256:

dd99a11e70bc88fec023245ad07bed8b9223ad73e49fb480c23660b8e352127d

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/5/2024 10:56:01 PM UTC (today)

Scan engine

Detection

Engine version

Malwarebytes

PUP.Optional.HostSecure.A

v2015.08.29.02

File size:

809.3 KB (828,688 bytes)

Product version:

0.9.0.1

Original file name:

forge.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\ashley tisdale\bho32.dll

Digital Signature

Signed by:

Affinity Commerce Systems, Inc.

Authority:

DigiCert Inc

Valid from:

7/4/2012 12:00:00 PM

Valid to:

7/9/2013 12:00:00 AM

Subject:

CN="Affinity Commerce Systems, Inc.", O="Affinity Commerce Systems, Inc.", L=Kirkland, S=Washington, C=US

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

09204B0BB43F3D6CA2541A690301AF01

File PE Metadata

Compilation timestamp:

1/17/2013 3:46:01 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:11E3EPD1WcEtHPf1USkkTFRItziMiqGu4jwxe53Rf3H8LFPCqYL92UX8ivvA:TE3EPQdskBRIEqGu4jwxEcxCh2UM8A

Entry address:

0x44BDC

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 30, 64, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 98, 9D, 0B, 10, 89, 0D, 94, 9D, 0B, 10, 89, 15, 90, 9D, 0B, 10, 89, 1D, 8C, 9D, 0B, 10, 89, 35, 88, 9D, 0B, 10, 89, 3D, 84, 9D, 0B, 10, 66, 8C, 15, B0, 9D, 0B, 10, 66, 8C, 0D, A4, 9D, 0B, 10, 66, 8C, 1D, 80, 9D, 0B, 10, 66, 8C, 05, 7C, 9D, 0B, 10, 66, 8C, 25, 78, 9D, 0B, 10, 66, 8C, 2D, 74, 9D, 0B, 10, 9C, 8F, 05, A8, 9D... 
[+]

Entropy:

6.5296

Code size:

583 KB (596,992 bytes)

Internet Explorer BHO

Display name:

Ashley Tisdale BHO

CLSID:

{5AAD5B2E-0BE9-806A-00F2-DB3716C82AC9}

CLSID name:

Ashley Tisdale

Scan bho32.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.