default-search.dll

Aztec Media inc.

The module default-search.dll by Aztec Media inc. has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This file is typically installed with the program Assets Manager by Aztec Media inc., which is a potentially unwanted software program. It is also typically executed from the user's temporary directory.
Publisher:
Aztec Media inc.  (signed and verified)

MD5:
8d9eef396de1b0cf8763f8d3b86460e4

SHA-1:
4f4a6922698225cda99bc9a34d49029693497486

SHA-256:
677e8dc9b546f95c988d93e49e3f7617f7df72d9c21139293f13ed963c289475

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/23/2024 12:18:54 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Bandoo (M)

Engine version:
16.12.31.5

File size:
1.7 MB (1,793,280 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\default-search.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/1/2015 2:00:00 AM

Valid to:
2/2/2018 12:59:59 AM

Subject:
CN=Aztec Media inc., O=Aztec Media inc., L=Panama City, S=Panama City, C=PA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2AF6396322BF5B08910274FFE4241447

File PE Metadata
Compilation timestamp:
4/15/2015 2:00:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0xE5B2D

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 8E, DF, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, B8, FF, FF, 00, 00, 83, EC, 14, 66, 39, 45, 08, 0F, 84, 87, 00, 00, 00, 53, 56, FF, 75, 0C, 8D, 4D, EC, E8, 6B, C8, FF, FF, 8B, 75, EC, 8B, 4E, 14, 33, DB, 3B, CB, 75, 15, 8B, 45, 08, 8D, 48, BF, 66, 83, F9, 19, 77, 04, 66, 83, C0, 20, 0F, B7, C0, EB, 4B, B8, 00, 01, 00, 00, 6A, 01, 66, 39, 45, 08, 73, 1E, FF, 75, 08, E8, AF, BB, 00, 00, 59, 85, C0...
 

Code size:
1.1 MB (1,190,912 bytes)

The file default-search.dll has been discovered within the following program.

Assets Manager  by Aztec Media inc.
Asset Manager is an adware web browser add-on that injects advertising into the user's browser and hijacks various browser settings such as the home page, search provider and new tab page. It is protected and difficult to remove.
80% remove it
 
Powered by Should I Remove It?
