home

browsecamo.ffupdate.dll

Target Practice

FFUpdate is the Mozilla Firefox plugin manager for the Target Practice branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module browsecamo.ffupdate.dll by Target Practice has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Target Practice  (signed and verified)

Version:
1.0.5934.35545

MD5:
648553ce4bd6b3b86646410532e14eac

SHA-1:
30264bd882b024b9b148b3f6043e8c8dad17f2e7

SHA-256:
5b645ea7f75b6fe2bbfd5785d0d7230751229f2c0a5884d639333aefac3ac728

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
11/27/2024 4:53:20 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.6.14

File size:
564.7 KB (578,256 bytes)

Product version:
1.0.5934.35545

Original file name:
2016040103.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\browse camo\bin\plugins\browsecamo.ffupdate.dll

Digital Signature
Signed by:
Target Practice

Authority:
VeriSign, Inc.

Valid from:
9/2/2015 8:00:00 AM

Valid to:
9/2/2016 7:59:59 AM

Subject:
CN=Target Practice, O=Target Practice, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7FEE09C788DC975DA366D390F75BAD4D

File PE Metadata
Compilation timestamp:
4/1/2016 11:44:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x8D11E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.5079

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
556.5 KB (569,856 bytes)

Remove browsecamo.ffupdate.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.