updateappbud.exe

App Bud

Part of the Yontoo web browser plugin (delivers advertisements to the web browser in the form of injected banners, text-links, popups, etc.) the updater mechanism for App Bud will automatically keep the extension patched by downloaded new functionality which is auto-enabled by default. The application updateappbud.exe by App Bud has been detected as adware by 7 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Update App Bud”. This file is typically installed with the program App Bud by Yontoo Technology, Inc. which is a potentially unwanted software program. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
App Bud  (signed and verified)

Version:
1.0.5315.21629

MD5:
affcb87ef06e06e86a16d7d800be03c2

SHA-1:
fa6e73aebb3d6c6ef6b1a2e5b38b87adad9684f9

SHA-256:
f3e1c16f9b424434f3403da95d4369429aab0bb31fc6c531fa7a0a6abb96dfe6

Scanner detections:
7 / 68

Status:
Adware

Explanation:
Part of the Yontoo adware web browser extension update process.

Analysis date:
11/23/2024 12:30:41 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.BrowseFox
4.0.3.14725

ESET NOD32
Win32/BrowseFox (variant)
8.10154

IKARUS anti.virus
PUA.BrowseFox
t3scan.1.6.1.0

McAfee
Artemis!AFFCB87EF06E
5600.7058

Qihoo 360 Security
HEUR/Malware.QVM03.Gen
1.0.0.1015

Reason Heuristics
PUP.Service.AppBud.M
14.7.27.14

Trend Micro House Call
Suspicious_GEN.F47V0724
7.2.206

File size:
314.3 KB (321,816 bytes)

Product version:
1.0.5315.21629

Original file name:
AppBud.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\app bud\updateappbud.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
6/8/2014 7:00:00 PM

Valid to:
6/17/2015 7:00:00 AM

Subject:
CN=App Bud, O=App Bud, L=Santa Monica, S=California, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07591B091A65F99B8121AB657546815A

File PE Metadata
Compilation timestamp:
7/21/2014 8:01:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:B63Bn8mGm51Jn+Pktn/7HbjMGT6AMs7cghl2fWz/pb6dk:B63Bvzdn+OZxRDkdk

Entry address:
0x4E58E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0947

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
305.5 KB (312,832 bytes)

Service
Display name:
Update App Bud

Type:
Win32OwnProcess


The file updateappbud.exe has been discovered within the following program.

App Bud  by Yontoo Technology, Inc.
App Bud is an adware web browser extension that is display banners ads as well as contextual link ads . The ads are injected by the web browser plugin (IE, FF and Chrome) and will display on any web site, even those not associated or affiliated with the publisher.
appbud.net/support
88% remove it
 
Powered by Should I Remove It?

Remove updateappbud.exe - Powered by Reason Core Security