gooternet.ffupdate.dll

gooternet

FFUpdate is the Mozilla Firefox plugin manager for the gooternet branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module gooternet.ffupdate.dll by gooternet has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
gooternet  (signed and verified)

Version:
1.0.5601.21509

MD5:
580efe54c9f7c2fb466e74a934e39e25

SHA-1:
a46a70add3b73243bec3d59f268aeb822a1a12b8

SHA-256:
614dd9756c1da314bf0c84035a8078ad15c293282422cb393326284d487f500a

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
12/25/2024 1:40:46 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.12.21

File size:
593.2 KB (607,472 bytes)

Product version:
1.0.5601.21509

Original file name:
gooternet.FFUpdate2015050319.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\gooternet\bin\plugins\gooternet.ffupdate.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/16/2015 12:00:00 AM

Valid to:
4/15/2016 12:59:59 AM

Subject:
CN=gooternet, O=gooternet, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
282B6A0E12716A494E61CCE85898AAD5

File PE Metadata
Compilation timestamp:
5/3/2015 8:57:04 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0x9429A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
585 KB (599,040 bytes)

Remove gooternet.ffupdate.dll - Powered by Reason Core Security