moviemode.48ca2aefa22d.dll

GenTechnologies Apps, LLC

This file is part of an adware program designed to inject advertising into the web browser (banners, text links) and to modify the browser's normal behavior. It belongs to the Injekt brand of unwanted programs. The module moviemode.48ca2aefa22d.dll by GenTechnologies Apps has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
GenTechnologies Apps, LLC  (signed and verified)

MD5:
a25bd344d12a0b9692c16292b0dae729

SHA-1:
1db843575ef90634402d8bb6265670db94a06448

SHA-256:
6b540eb232e8c156f8d501d983ebdc6d8b0012f38f54828b7a528128feece27e

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser, and alters the browser's settings (home page, search, DNS, and security protocols).

Analysis date:
12/25/2024 1:24:26 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Injekt (M)

Engine version:
16.11.3.13

File size:
1.1 MB (1,161,872 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\moviemode.48ca2aefa22d.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
5/29/2013 9:00:00 PM

Valid to:
5/30/2014 8:59:59 PM

Subject:
CN="GenTechnologies Apps, LLC", O="GenTechnologies Apps, LLC", STREET=640 Grand Avenue, STREET=Suite E, L=Carlsbad, S=California, PostalCode=92008, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
06D4A5EDA561071FC293924D6DFC6300

File PE Metadata
Compilation timestamp:
3/21/2014 5:45:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:QrgxoC9LWDztfqAbY7rarRnz9ozsh9BtUDri5iUXsybvvd0SSW:QrgaDIAbY7rarVzy470ri5iUXsy55SW

Entry address:
0xACEA4

Entry point:
75, 58, F1, B1, 10, 32, D5, 25, C1, D2, 2F, A6, 2A, C6, 00, D6, 6B, 8F, 12, 6A, 5E, 3E, E0, 72, DE, 2E, 8F, 11, 38, 1A, 0A, 32, 59, 68, E6, F9, 20, 14, B7, 6A, 74, F4, B3, 26, 66, EF, BF, F9, 1B, 5C, C4, 11, F0, 13, 6A, 2B, B6, 16, FE, 28, 66, BD, F5, A9, 56, 33, 66, 2D, 6A, 48, 2C, 0E, F6, 83, FB, 36, 30, FE, 13, C5, A0, C4, C7, 53, 52, 99, 5D, 2C, AD, 38, 84, A2, 5B, 98, 45, 16, EB, E9, BA, DE, A2, B8, 23, 6F, A8, B1, 7A, D9, 85, C8, 3E, E1, 5D, 65, 44, C2, EC, EB, 9D, 7E, 60, 9B, CC, 2C, 51, FC, 4F, DE...
Code size:
805.5 KB (824,832 bytes)