home

webamplified.ffupdate.dll

Web Amplified

FFUpdate is the Mozilla Firefox plugin manager for the Web Amplified branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module webamplified.ffupdate.dll by Web Amplified has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Web Amplified  (signed and verified)

Version:
1.0.5744.36638

MD5:
c142190d7cec2a33f1ae53dd5f89b630

SHA-1:
ca583e118412ddfaf4a7dad7304b0ca5e9d4013f

SHA-256:
c72c139fb9ca1cc154a7152ef9d20328c4d23dff98981c61ff02bce80da32ecc

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
11/5/2024 10:27:43 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Yontoo (M)
17.3.12.2

File size:
558.7 KB (572,152 bytes)

Product version:
1.0.5744.36638

Original file name:
2015092404.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Digital Signature
Signed by:
Web Amplified

Authority:
VeriSign, Inc.

Valid from:
1/15/2015 1:00:00 AM

Valid to:
1/16/2016 12:59:59 AM

Subject:
CN=Web Amplified, O=Web Amplified, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
009AB47155C5D982D7250D516F667FE4

File PE Metadata
Compilation timestamp:
9/24/2015 6:21:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x8B86E

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
550.5 KB (563,712 bytes)

Remove webamplified.ffupdate.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.