ietoolbar64.dll

Freshy Toolbar

Freshy

This is a component of the Tightrope WebInstall, a setup program that bundles applications with offers for additional third-party software, mostly unwanted adware, and that may be installed with minimal consent. The module ietoolbar64.dll by Freshy has been detected as adware by 3 anti-malware scanners.

Publisher:
Freshy.com  (signed by Freshy)

Product:
Freshy Toolbar

Version:
2.0.0.1057

MD5:
a7b172cd7e761679e535b7a08741a9f9

SHA-1:
f68278e4a5bb61c2cbed035b008f2af387e8c04d

SHA-256:
4a335bd3313ee716825e357a6d1a529b90a16b3eee0d5ae834a072a0dfb0c49f

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
11/5/2024 4:44:13 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| ESET NOD32 | Win32/Toolbar.TNT2.E potentially unwanted application | 10.7.0.302.0 |
| IKARUS anti.virus | PUA.TNT2 | t3scan.1.7.8.0 |
| Reason Heuristics | PUP.Tightrope.Freshy.Toolbar (M) | 16.1.21.4 |

File size:
130.8 KB (133,960 bytes)

Product version:
2.0.0.1057

Copyright:
(c) 2012 Freshy.com. All rights reserved.

Original file name:
IEToolbar.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\tnt2\2.0.0.1057\ietoolbar64.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/28/2011 8:00:00 PM

Valid to:
7/28/2013 7:59:59 PM

Subject:
CN=Freshy, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Freshy, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3FE2E83B02F14E8E282304CFC46C3524

File PE Metadata
Compilation timestamp:
8/7/2012 4:47:14 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:M3ZciH3fAZFMQRsH5AxmnMTraLyZVeG5fOOwpvgQy:mZnvWFM+QnMTraLyaJg

Entry address:
0xA258

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 1B, 5E, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, 4C, 8D, 0D, 31, 37, 01, 00, 33, C0, 49, 8B, D1, 44, 8D, 40, 08, 3B, 0A, 74, 2B, FF, C0, 49, 03, D0, 83, F8, 2D, 72, F2, 8D, 41, ED, 83, F8, 11, 77, 06, B8, 0D, 00, 00, 00, C3, 81, C1, 44, FF, FF, FF, B8, 16, 00, 00, 00, 83, F9, 0E, 41, 0F, 46, C0, C3, 48...
 

Entropy:
6.0248

Code size:
76.5 KB (78,336 bytes)
