home

ssinstall.dll

AVSoftware EOOD

The module ssinstall.dll by AVSoftware EOOD has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
AVSoftware EOOD  (signed and verified)

MD5:
76a7d08561fc2abe6af628beaa498f62

SHA-1:
1d5551efa560f5ed9f2b10776c8e287d2990fd7e

SHA-256:
bbe6cfb53a71827e3e96db2191d0ba0ba918c36fe6b5a3439f54e68ca70ea137

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 4:26:44 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SafeSearch.AVSoftware EOOD (M)
16.4.14.6

File size:
1.8 MB (1,870,568 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\safesearch\1_13\ssinstall.dll

Digital Signature
Signed by:
AVSoftware EOOD

Authority:
Symantec Corporation

Valid from:
12/30/2015 7:00:00 PM

Valid to:
6/3/2016 7:59:59 PM

Subject:
CN=AVSoftware EOOD, O=AVSoftware EOOD, L=Sofia, S=Sofia, C=BG

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
57ABCD2BCF9FD1CFD5A1BABF2579820E

File PE Metadata
Compilation timestamp:
4/13/2016 11:54:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:7mQq8GoBhbuZPKTDya7wmAxF7/BuSIlEKV7b1RplXWqhQZmBEa9zMinAaR3Oh:in5L2DyZmAbgSQViIXAatm

Entry address:
0x18971C

Entry point:
55, 8B, EC, 83, C4, C0, B8, F4, FE, 57, 00, E8, D0, 1C, E8, FF, E8, FF, CE, E7, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5222

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 MB (1,606,144 bytes)

Remove ssinstall.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.