» innoapp.ffupdate.dll
Overview
Analysis
File Details

innoapp.ffupdate.dll

innoApp

FFUpdate is the Mozilla Firefox plugin manager for the innoApp branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module innoapp.ffupdate.dll by innoApp has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

innoApp (signed and verified)

Version:

1.0.5589.41833

MD5:

77659fdd02b3b4cf49724157ac367560

SHA-1:

6237dfe216b3d9a7166dd473bb0fbcaa4280564b

SHA-256:

51a8eb7703b8b4d0a24b6c1f5661c0b3c7b2d5d18199509ee09a099b8875a93b

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:

11/23/2024 10:13:45 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Yontoo (M)

17.3.13.22

File size:

597.2 KB (611,560 bytes)

Product version:

1.0.5589.41833

Original file name:

innoApp.FFUpdate2015042207.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\Program Files\innoapp\bin\plugins\innoapp.ffupdate.dll

Digital Signature

Signed by:

innoApp

Authority:

VeriSign, Inc.

Valid from:

1/5/2015 5:30:00 AM

Valid to:

3/6/2016 5:29:59 AM

Subject:

CN=innoApp, O=innoApp, L=San Diego, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4C15233FBF1F62A096FE15876FC59BFB

File PE Metadata

Compilation timestamp:

4/22/2015 12:44:30 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

Entry address:

0x952A6

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.4719

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

589 KB (603,136 bytes)

Remove innoapp.ffupdate.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.