dca-bho.dll

Compete DCA

Compete Inc

The module dca-bho.dll, “Compete DCA Browser Helper Object” by Compete Inc, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘DCA’.

Publisher:
Compete, Inc.  (signed by Compete Inc)

Product:
Compete DCA

Description:
Compete DCA Browser Helper Object

Version:
3.2.0.1330

MD5:
c228d869e65f4d06d6cd2fb9cf4cf121

SHA-1:
18f8a6bc8f1ead0eb00e7c75ab9e1e69d19289f1

SHA-256:
40260975e563ab245c500edc720835ce386dc2e690a3ae1bc41a221343c14024

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/24/2024 12:10:55 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Compete (M)

Engine version:
16.10.15.17

File size:
909.5 KB (931,287 bytes)

Product version:
3.2.0.1330

Copyright:
(c) Compete, Inc. All rights reserved.

Original file name:
dca-bho.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\consumer input\internetexplorer\dca-bho.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
12/22/2014 5:00:00 AM

Valid to:
3/23/2018 4:59:59 AM

Subject:
CN=Compete Inc, O=Compete Inc, L=Boston, S=Massachusetts, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0A6DDD60D9E6C4FAA56565923F8669C2

Registration
CLSID:
{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}

ProgID:
dcabho.Dca.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
3/29/2016 5:24:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:rpTOBzx5BDhzHqOt3lhoOMOOF5s63rEH7N:rURVDhW63lhaOis6c

Entry address:
0x7EEFD

Entry point:
E9, 7E, 70, FD, FF, 83, 7D, 0C, 01, 75, 05, E8, C8, 40, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 33, C0, 39, 45, 0C, 76, 12, 8B, 4D, 08, 66, 83, 39, 00, 74, 09, 40, 83, C1, 02, 3B, 45, 0C, 72, F1, 5D, C3, 8B, FF, 55, 8B, EC, 51, 51, 8B, 45, 0C, 57, 8B, 7D, 08, 85, C0, 74, 02, 89, 38, 85, FF, 75, 17, E8, 26, 21, 00, 00, C7, 00, 16, 00, 00, 00, E8, AB, 2A, 00, 00, 33, C0, E9, 90, 01, 00, 00, 83, 7D, 10, 00, 74, 0C, 83, 7D, 10, 02, 7C, DD, 83, 7D...
 

Entropy:
6.8252

Packer / compiler:
Xtreme-Protector v1.05

Code size:
598.5 KB (612,864 bytes)

Internet Explorer BHO
Display name:
DCA

CLSID:
{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}

CLSID name:
Consumer Input DCA BHO

