coupontime.ffupdate.dll

Coupon Time

FFUpdate is the Mozilla Firefox plugin manager for the Coupon Time branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module coupontime.ffupdate.dll by Coupon Time has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Coupon Time  (signed and verified)

Version:
1.0.5877.2838

MD5:
212a7dbc5be368145fe66520daf38daa

SHA-1:
ccb08461c10bdb59eeba1bc5d745cc071259256e

SHA-256:
054a07c8bfa6075e7ac02a8ff7971ed91701df4cafd89b58474463c0df068f5a

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
11/23/2024 9:42:26 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.4.0

File size:
548.2 KB (561,392 bytes)

Product version:
1.0.5877.2838

Original file name:
2016020309.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\coupon time\bin\plugins\coupontime.ffupdate.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/18/2015 5:00:00 AM

Valid to:
3/18/2016 4:59:59 AM

Subject:
CN=Coupon Time, O=Coupon Time, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5580F4EA46A972B28E383D02966AEBA8

File PE Metadata
Compilation timestamp:
2/3/2016 2:34:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x88E5E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.4841

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
540 KB (552,960 bytes)

Remove coupontime.ffupdate.dll - Powered by Reason Core Security