HighlightlyClientIE.dll

Highlightly Client BHO x64

Highlightly

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The module HighlightlyClientIE.dll by Highlightly has been detected as adware by 12 anti-malware scanners.
Publisher:
Highlightly  (signed and verified)

Product:
Highlightly Client BHO x64

Version:
1.9.0.1

MD5:
898c820d9951b1729ece4d1ac88af8f7

SHA-1:
1c4f7186e268794952540ebad6a85df3f6128d89

SHA-256:
adb3109aba0d0d887c3e28fca4ff2e14a5ad928f8ac4836af648a3ba1fbe621d

Scanner detections:
12 / 68

Status:
Adware

Analysis date:
12/24/2024 1:09:14 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Vitruvian.B
810

Baidu Antivirus
Adware.Win64.Vitruvian
4.0.3.141117

Bitdefender
Adware.Vitruvian.B
1.0.20.1605

Emsisoft Anti-Malware
Adware.Vitruvian
8.14.11.17.09

ESET NOD32
Win64/Adware.Vitruvian.B application
8.7.0.302.0

F-Secure
Adware.Vitruvian.B
11.2014-17-11_2

G Data
Adware.Vitruvian
14.11.24

IKARUS anti.virus
AdWare.Vitruvian
t3scan.1.7.5.0

MicroWorld eScan
Adware.Vitruvian.B
15.0.0.963

nProtect
Adware.Vitruvian.B
14.10.14.01

Reason Heuristics
PUP.Highlightly.T
14.3.14.0

VIPRE Antivirus
InfoAtoms
32470

File size:
176.6 KB (180,840 bytes)

Product version:
1.9.0.1

Copyright:
Copyright (C) 2014

Original file name:
HighlightlyClientIE.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\highlightly\ie\highlightlyclientie.dll

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
6/3/2013 4:25:40 PM

Valid to:
6/4/2014 4:25:40 PM

Subject:
E=support@gethighlightly.com, CN=Highlightly, OU=Highlightly, O=Highlightly, L=La Jolla, S=CA, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121971480A12BD051AA09DCE9072375C4F7

Registration
CLSID:
{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
2/5/2014 6:10:10 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:1hd3oEFnu+27xBa5H0/UiTOAVEVSmo+HSm+/2yMa/xlRFrAb:R3LFuP76wUiTHEMK+/2DsF8

Entry address:
0xF264

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 6B, 53, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 70, A2, 01, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 
[+]

Entropy:
5.8688

Code size:
94.5 KB (96,768 bytes)

Remove HighlightlyClientIE.dll - Powered by Reason Core Security