HighlightlyClientIE.dll

Highlightly Client BHO x64

Highlightly

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The module HighlightlyClientIE.dll by Highlightly has been detected as adware by 12 anti-malware scanners.
Publisher:
Highlightly  (signed and verified)

Product:
Highlightly Client BHO x64

Version:
1.9.0.0

MD5:
7a5f46fe7ee04e1da4c066a5951caeb6

SHA-1:
031133632798232627b2dae128bc6961fd8d2019

SHA-256:
ec4eb8a8524ee5cd579bdda13e0c81b96475c9b9d5cdf7f3b7b13ffed87901dd

Scanner detections:
12 / 68

Status:
Adware

Analysis date:
12/24/2024 11:28:36 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Vitruvian.B
810

Baidu Antivirus
Adware.Win64.Vitruvian
4.0.3.141117

Bitdefender
Adware.Vitruvian.B
1.0.20.1605

Emsisoft Anti-Malware
Adware.Vitruvian
8.14.11.17.09

ESET NOD32
Win64/Adware.Vitruvian.B application
8.7.0.302.0

F-Secure
Adware.Vitruvian.B
11.2014-17-11_2

G Data
Adware.Vitruvian
14.11.24

IKARUS anti.virus
AdWare.Vitruvian
t3scan.1.7.5.0

MicroWorld eScan
Adware.Vitruvian.B
15.0.0.963

nProtect
Adware.Vitruvian.B
14.10.14.01

Reason Heuristics
PUP.Highlightly.T
14.3.14.0

VIPRE Antivirus
InfoAtoms
32470

File size:
176.6 KB (180,840 bytes)

Product version:
1.9.0.0

Copyright:
Copyright (C) 2013

Original file name:
HighlightlyClientIE.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\highlightly\ie\highlightlyclientie.dll

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
6/3/2013 3:25:40 PM

Valid to:
6/4/2014 3:25:40 PM

Subject:
E=support@gethighlightly.com, CN=Highlightly, OU=Highlightly, O=Highlightly, L=La Jolla, S=CA, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121971480A12BD051AA09DCE9072375C4F7

Registration
CLSID:
{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
12/4/2013 1:46:12 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:ihd3oEFnu+27xBa5H0/UiTOAVEVAmo+HS9+/2yMaexlRFr8v:+3LFuP76wUiTHEOx+/2DLFc

Entry address:
0xF264

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 6B, 53, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 70, A2, 01, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 
[+]

Entropy:
5.8685

Code size:
94.5 KB (96,768 bytes)

Remove HighlightlyClientIE.dll - Powered by Reason Core Security