megabrowse.browserfilter.helper.dll

Mega Browse

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module megabrowse.browserfilter.helper.dll by Mega Browse has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Mega Browse by Yontoo Technology, Inc., which is a potentially unwanted software program.
Publisher:
Mega Browse  (signed and verified)

MD5:
0a12d82e9b3b67fe956b088f87834e3e

SHA-1:
350ba366023281b21c660e3e7b0a11a163d3bb1b

SHA-256:
b3a6f3f0e3ff5aee65b33c2eac8a743717a18cf5fb0b6fa0e17683f76fc0cbb3

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Belongs to the Sambreel/Yontoo program that inserts various forms of advertising in the user's web browser, installed with minimal or no user consent.

Analysis date:
11/27/2024 1:41:45 AM UTC

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo.MegaBrow (M)
16.5.15.0

File size:
388.8 KB (398,112 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\mega browse\megabrowse.browserfilter.helper.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/21/2014 7:00:00 PM

Valid to:
1/22/2015 6:59:59 PM

Subject:
CN=Mega Browse, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mega Browse, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
151F3F44EFA5ADB264205FBF9F779B3D

File PE Metadata
Compilation timestamp:
3/13/2014 9:30:25 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:PRLdBzWsg2wx/LuLK0qc2t1SsRb28G+fjxpzwZ/Nep54m2d3EjWO4Asi7T25lq:pLdHsLejCJ128GexpM1e4GqOcCT2+

Entry address:
0x1A2DA

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F5, 61, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, D4, 05, 10, 89, 0D, 3C, D4, 05, 10, 89, 15, 38, D4, 05, 10, 89, 1D, 34, D4, 05, 10, 89, 35, 30, D4, 05, 10, 89, 3D, 2C, D4, 05, 10, 66, 8C, 15, 58, D4, 05, 10, 66, 8C, 0D, 4C, D4, 05, 10, 66, 8C, 1D, 28, D4, 05, 10, 66, 8C, 05, 24, D4, 05, 10, 66, 8C, 25, 20, D4, 05, 10, 66, 8C, 2D, 1C, D4, 05, 10, 9C, 8F, 05, 50, D4...

Code size:
174 KB (178,176 bytes)

The file megabrowse.browserfilter.helper.dll has been discovered within the following program.

Mega Browse  by Yontoo Technology, Inc.
This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.
megabrowse.biz/support
82% remove it