nettock.compatibilitychecker.dll

NetTock

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module nettock.compatibilitychecker.dll by NetTock has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
NetTock  (signed and verified)

Version:
1.0.5507.39647

MD5:
ebba04f71fc77cb6456495b795ba0fd3

SHA-1:
c2700de98896777e6900edcfdab354f7e0871b36

SHA-256:
28283a4be56f15cbcdfe0a690c024fa36480d47f21069f4922deff95aad2460f

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Belongs to the Sambreel/Yontoo progam that inserts various forms of advertising in the user's web browser, installed with minimal or no user consent.

Analysis date:
12/24/2024 11:45:39 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.2.11

File size:
117.7 KB (120,552 bytes)

Product version:
1.0.5507.39647

Original file name:
NetTock.CompatibilityChecker2015013006.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\nettock\bin\plugins\nettock.compatibilitychecker.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/5/2015 5:30:00 AM

Valid to:
2/5/2016 5:29:59 AM

Subject:
CN=NetTock, O=NetTock, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4D49867FFC30B64BB7F111042A883510

File PE Metadata
Compilation timestamp:
1/30/2015 11:31:39 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0x1D522

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.4996

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
109.5 KB (112,128 bytes)

Remove nettock.compatibilitychecker.dll - Powered by Reason Core Security