» tipranks-bho.dll
Overview
Analysis
File Details
Programs (1)

tipranks-bho.dll

TipRanks LTD

The module tipranks-bho.dll by TipRanks has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program TipRanks by Uri Gruenbaum. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, it installs a BHO in the browser in order to manage the functionality of the addon.

File name:

tipranks-bho.dll

Publisher:

TipRanks (signed by TipRanks LTD)

Product:

TipRanks

Description:

TipRanks BHO

Version:

1.1.153.148

MD5:

c29478b091033cf43591f53f4f14cb10

SHA-1:

e573ee831db1b45f4cbcccf5d37aceb7e5653ca6

Scanner detections:

1 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is TipRanks LTD.

Analysis date:

11/24/2024 10:45:56 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Crossrider.TipRanks (M)

16.5.29.4

File size:

627.4 KB (642,472 bytes)

Product version:

1.1.153.148

Original file name:

TipRanks.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\tipranks\tipranks-bho.dll

Digital Signature

Signed by:

TipRanks LTD

Authority:

COMODO CA Limited

Valid from:

12/24/2012 5:00:00 PM

Valid to:

12/25/2013 4:59:59 PM

Subject:

CN=TipRanks LTD, O=TipRanks LTD, STREET=27 Ahad Haam, L=Tel Aviv-Jaffa, S=Israel, PostalCode=65202, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

34B940819341EC8E12BDF055769AB0E5

File PE Metadata

Compilation timestamp:

11/3/2013 3:06:54 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:10bnBfBO8yIb0PkudPMDrNbTvIZTSL8GXdTfW7bXoPnPTeAE:10bnB5OlPkudPMDrNbbKuLZtTu7b4PrG

Entry address:

0x4932C

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 56, C0, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 00, 8C, 08, 10, E8, C5, 46, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 28, EB, 08, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, B8, 57, 07, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

6.5330

Developed / compiled with:

Microsoft Visual C++

Code size:

416.5 KB (426,496 bytes)

The file tipranks-bho.dll has been discovered within the following program.

TipRanks by Uri Gruenbaum

Publisher's description - “TipRanks is a browser application that allows you to instantly see the track record and measured performance of any analyst you come across, so you know who to trust.”

37% remove it

Remove tipranks-bho.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.