boost.dll

Boost Shopping

The module boost.dll by Boost Shopping, described by its publisher as “Boost is an application designed to help you compare products and prices while you shop online.”, has been detected as adware by 3 anti-malware scanners. It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘Boost’.
Publisher:
Boost  (signed by Boost Shopping)

Product:
Boost

Description:
Boost is an application designed to help you compare products and prices while you shop online.

Version:
3.0.1.5

MD5:
230172a479c038d44c39bc549e3e2aa7

SHA-1:
8b35eaf1af2dc48b289529404cb6ed56e8b6e055

SHA-256:
cb95194d9b8db337af586bc4f822ccf4e1ad038e4066549accbc9e01417b8ea2

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
12/24/2024 12:20:28 PM UTC

Scan engine | Detection | Engine version
Dr.Web | Adware.Shopper.920 | 9.0.1.05190
Malwarebytes | PUP.Optional.Boost.A | v2015.06.12.12
Reason Heuristics | PUP.BoostShopping | 15.6.11.19

File size:
482.4 KB (494,000 bytes)

Product version:
3.0.1.5

Copyright:
(C) 2014 Boost Shopping. All right reserved.

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\boost\boost.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
5/12/2015 8:00:00 PM

Valid to:
8/11/2016 7:59:59 PM

Subject:
CN=Boost Shopping, O=Boost Shopping, L=Bellevue, S=Washington, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
56BE18B038839D1B74FAC83C3F051C21

File PE Metadata
Compilation timestamp:
6/10/2015 4:24:53 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:5CcwRKAyYUBe6KmzGKFsI1fjDohS+sbPWf:twRpUBe6KmzGKFRDxBbuf

Entry address:
0x26FE2

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B3, D3, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74...

Entropy:
6.1628

Code size:
246 KB (251,904 bytes)

Internet Explorer BHO
Display name:
Boost

CLSID:
{2299856A-6506-42E3-A34F-CD35A47C1B19}

