nettock.ffupdate.dll

NetTock

FFUpdate is the Mozilla Firefox plugin manager for the NetTock branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module nettock.ffupdate.dll by NetTock has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
NetTock  (signed and verified)

Version:
1.0.5466.25922

MD5:
42d9f13d6ef786c48521408844c26f77

SHA-1:
3417d36060bac82c3c6dd94ca60735cd93fcf5f2

SHA-256:
42b31a9356a685490f74e2edbe60ae45a7b7494c21ed32b3a6a419faa8eb5d8d

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
11/23/2024 6:46:25 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.2.27.22

File size:
546.8 KB (559,896 bytes)

Product version:
1.0.5466.25922

Original file name:
NetTock.FFUpdate2014121922.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\nettock\bin\plugins\nettock.ffupdate.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/12/2014 5:30:00 AM

Valid to:
1/13/2015 5:29:59 AM

Subject:
CN=NetTock, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NetTock, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
41BB672E3BDED612E4F80C8809E8DF4C

File PE Metadata
Compilation timestamp:
12/20/2014 3:54:08 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0x888F6

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.4974

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
538.5 KB (551,424 bytes)

Remove nettock.ffupdate.dll - Powered by Reason Core Security