Bizzybolt.IEUpdate.dll

Bizzybolt

This is the Internet Explorer add-on for the Yontoo Bizzybolt branded web browser plugin (injects banner, text-link and popup ads). The component is responisble for registering the Browser Helper Object into IE and keeping it registered. The module Bizzybolt.IEUpdate.dll by Bizzybolt has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Bizzybolt  (signed and verified)

Version:
1.0.5422.30216

MD5:
f1e34e78c354e26d7efefcb3ccaf8e13

SHA-1:
693b60e06eeddb990d949abc52f0c8be6f5af7c4

SHA-256:
256a7c44e10f4c2123cc79442ae3b24e1f2dc2207f3cfe362d6599d5096535cf

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser add-on for Internet Explorer.

Analysis date:
12/25/2024 12:38:28 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo.Bizzybolt (M)
16.1.26.8

File size:
654.7 KB (670,448 bytes)

Product version:
1.0.5422.30216

Original file name:
Bizzybolt.IEUpdate.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\bizzybolt\bin\plugins\bizzybolt.ieupdate.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/4/2014 7:00:00 PM

Valid to:
12/5/2015 6:59:59 PM

Subject:
CN=Bizzybolt, O=Bizzybolt, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
470ECE4348EF28A235A2D9E57351E91B

File PE Metadata
Compilation timestamp:
11/5/2014 7:47:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:K9uEXFE/SVpTY0rg3cS2mkiNbGSdHe4mrQHOFn4W/tXl/N9u5ck:KXQcprWcwkCqyFa9Zbun

Entry address:
0xA3932

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 6E, 00, 00, 00, 74, 39, 0A, 00, 74, 1B, 0A, 00, 52, 53, 44, 53, A2, EB, BF, F9, 5A, 61, 28, 48, B5, AE, A1, B0, 9D, D3, 3D, E1, 01, 00, 00, 00, 44, 3A, 5C, 55, 74, 69, 6C, 69, 74, 69, 65, 73, 5C, 71, 78, 33, 77, 6A, 76, 6A, 73, 2E, 71, 64, 66, 5C, 44, 65, 73, 6B, 74, 6F, 70, 5C, 44, 65, 73, 6B...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
646.5 KB (662,016 bytes)

Remove Bizzybolt.IEUpdate.dll - Powered by Reason Core Security