common.dll

CloudCanvas, Inc.

The module common.dll by CloudCanvas has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘UnfriendTool’. This file is typically installed with the program UnfriendTool by GenTechnologies Apps LLC which is a potentially unwanted software program.
Publisher:
UnfriendTool  (signed by CloudCanvas, Inc.)

Product:
UnfriendTool

Version:
2.5.91

MD5:
d4c746c75ea838b9b6fc1eabf1957c1c

SHA-1:
164c2aa14d43fcd00a564fade8d335127122f442

SHA-256:
1a754a3641e4f78337de51e3f85e62d4397965fe148afbdeec2542bde218b182

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 2:34:02 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.CloudCanvas (M)
16.1.1.20

File size:
382 KB (391,192 bytes)

Product version:
2.5.91

Copyright:
(c) UnfriendTool

Original file name:
common.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\unfriendtool\ie\common.dll

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
2/21/2013 12:34:44 PM

Valid to:
2/21/2014 12:34:44 PM

Subject:
CN="CloudCanvas, Inc.", O="CloudCanvas, Inc.", L=Wilmington, S=DE, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B04DF33556E49

File PE Metadata
Compilation timestamp:
3/8/2013 2:18:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:MbZqTnmsWgFubjbCrgfIxiqlL9KGreTXbujjn4zYPKzF3eNA:kZiunbCr4Ixi69KzTXb9zD3eNA

Entry address:
0x15A2E

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 22, 5D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, A0, 9C, 04, 10, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, 1C, C2, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, 0C, C2, FF, FF, 8B, 45, 08, F6, 40...
 
[+]

Entropy:
6.6456

Code size:
232.5 KB (238,080 bytes)

Internet Explorer BHO
Display name:
UnfriendTool

CLSID:
{44ed99e2-16a6-4b89-80d6-5b21cf42e78b}


The file common.dll has been discovered within the following program.

UnfriendTool  by GenTechnologies Apps LLC
UnfriendTool is an adware program that integrates into the user's web browsers (IE, Chrome, Firefox) and will perform a number of functions mostly designed to generate advertising supported or affiliate revenue.
www.unfriendtool.com
79% remove it
 
Powered by Should I Remove It?

Remove common.dll - Powered by Reason Core Security