woodenseal.ffupdate.dll

Wooden Seal

FFUpdate is the Mozilla Firefox plugin manager for the Wooden Seal branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module woodenseal.ffupdate.dll by Wooden Seal has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Wooden Seal  (signed and verified)

Version:
1.0.5718.11685

MD5:
757a8b5af1e04ca4d90634037ceb10e4

SHA-1:
152854ecc9dcd55972ec38e107cc2971a29e503d

SHA-256:
7e3112fa4d4ee97c13fb588102190c8a2b8924029070d4b004c6261a93a0ddf4

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
11/5/2024 10:44:48 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Yontoo (M)
17.3.10.20

File size:
513.2 KB (525,552 bytes)

Product version:
1.0.5718.11685

Original file name:
2015082814.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\wooden seal\bin\plugins\woodenseal.ffupdate.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/14/2015 4:00:00 PM

Valid to:
1/15/2016 3:59:59 PM

Subject:
CN=Wooden Seal, O=Wooden Seal, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
55680C612B31A22AA15004D7A2490924

File PE Metadata
Compilation timestamp:
8/28/2015 7:29:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x8025E

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.7325

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
505 KB (517,120 bytes)

Remove woodenseal.ffupdate.dll - Powered by Reason Core Security