tbupdaterlogic_5.0.0.1.dll

The module tbupdaterlogic_5.0.0.1.dll has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The file has been observed being downloaded from storage.stgbssint.com.

MD5:
84a9391f3c27ca5322998ad6a6d5294a

SHA-1:
afe9abd27b07d9af4147a9716706b41dabe45b51

SHA-256:
14ea2aceaecb8542bb4680c526dbaf1a84735d43ffbbaef822a6d9f5b21bb44e

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Part of the Conduit/ClientConnect toolbar/extension distribution.

Analysis date:
12/24/2024 11:56:28 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Conduit (M)

Engine version:
16.10.5.15

File size:
200.6 KB (205,395 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\users\{user}\appdata\local\conduit\backgroundcontainer\tbupdaterlogic_5.0.0.1.dll

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3072:eLpqzTuq+syww+9U8DAF45ZEXAS26XcbKxjrr4:eLOXF2vh26Xc2xj/4

Entry point:
8B, EC, 53, 8B, 5D, 08, 56, 57, 68, 01, 01, 00, 00, 33, FF, 8D, 73, 18, 57, 56, E8, 72, E0, FF, FF, 89, 7B, 04, 33, C0, 89, 7B, 08, 83, C4, 0C, 89, BB, 1C, 02, 00, 00, B9, 01, 01, 00, 00, 8D, 7B, 0C, AB, AB, AB, BF, 50, F8, 41, 00, 2B, FB, 8A, 04, 37, 88, 06, 46, 49, 75, F7, 8D, 8B, 19, 01, 00, 00, BA, 00, 01, 00, 00, 8A, 04, 39, 88, 01, 41, 4A, 75, F7, 5F, 5E, 5B, 5D, C3, 55, 8B, EC, 81, EC, 20, 05, 00, 00, A1, D0, F4, 41, 00, 33, C5, 89, 45, FC, 53, 56, 8B, 75, 08, 8D, 85, E8, FA, FF, FF, 57, 50, FF, 76...
Entropy:
5.7902

The file tbupdaterlogic_5.0.0.1.dll has been seen being distributed by the following URL.