boosti.dll

Boost

Boost Shopping

The module boosti.dll by Boost Shopping, described as “Boost is an application designed to help you compare products and prices while you shop online.”, has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
Boost Shopping  (signed and verified)

Product:
Boost

Description:
Boost is an application designed to help you compare products and prices while you shop online.

Version:
4.0.3.9

MD5:
9011641ef7c17b0a55d6f560e21d5688

SHA-1:
3f2d13aabca31d45bf38f28c0eb5c8ca64830317

SHA-256:
3ac605342b87b7017da21de2619f1f26449b50349ea4a3fcfa36af58e54aab4d

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/23/2024 7:50:09 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.BoostShopping (M)

Engine version:
15.6.23.3

File size:
452.4 KB (463,248 bytes)

Product version:
4.0.3.9

Copyright:
(C) 2015 Boost Shopping. All right reserved.

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\boost\boosti.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
5/13/2015 12:00:00 AM

Valid to:
8/11/2016 11:59:59 PM

Subject:
CN=Boost Shopping, O=Boost Shopping, L=Bellevue, S=Washington, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
56BE18B038839D1B74FAC83C3F051C21

File PE Metadata
Compilation timestamp:
6/17/2015 3:47:08 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:LtSzXx/NFQU27rR76oZUw/PefnhoAOzx+AOgNTBJYMzutP:CZQr7rR76DWefnez+aNTvt8

Entry address:
0x16A64

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, BD, A7, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, D8, 70, 06, 10, E8, 6D, 4E, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, DC, A1, 06, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 40, 2A, 05, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...

Developed / compiled with:
Microsoft Visual C++

Code size:
299.5 KB (306,688 bytes)
