browsepax.ffupdate.dll

Browse Pax

FFUpdate is the Mozilla Firefox plugin manager for the Browse Pax branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module browsepax.ffupdate.dll by Browse Pax has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Browse Pax  (signed and verified)

Version:
1.0.5757.7965

MD5:
e66fd7824063140800dc05f3fd605a3f

SHA-1:
1cdf1e56040d4bf83f452b281cb46fd95b6de75c

SHA-256:
28f7c814388ef4b4b870b333601d85f3db9049ad36096e8f722f83e90bd27950

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
12/24/2024 1:35:44 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Yontoo (M)

Engine version:
17.3.7.20

File size:
548.7 KB (561,904 bytes)

Product version:
1.0.5757.7965

Original file name:
2015100612.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\browse pax\bin\plugins\browsepax.ffupdate.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/5/2014 8:00:00 AM

Valid to:
12/6/2015 7:59:59 AM

Subject:
CN=Browse Pax, O=Browse Pax, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3042BEE729064AB94DEF88F30ACB3ED0

File PE Metadata
Compilation timestamp:
10/6/2015 8:25:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x890DE

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.6917

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
540.5 KB (553,472 bytes)
