ZebarBrowserFilter.exe

Zebar

Installed as part of the Yontoo Zebar branded web browser extension, the BrowserFilter component is responsible for injecting advertising in the browser based on the context of the HTML being rendered. Ads are injected in the browser in the form of inline text, coupons, multi-site searching and additional offers. The application ZebarBrowserFilter.exe by Zebar has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Zebar  (signed and verified)

Version:
0.0.0.0

MD5:
3515a25667c738ab0ea84180cca6a518

SHA-1:
0e056ea27bd430db17d62be060dfa43ec679310d

SHA-256:
2ea32066c4c92b03de26d5f52a3a2dd8421857b9fc0edd6f1424743131f941a6

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo ad injection web browser add-on.

Analysis date:
12/24/2024 12:17:16 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.15.12

File size:
41.3 KB (42,264 bytes)

Product version:
0.0.0.0

Original file name:
ZebarBrowserFilter.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\zebar\zebarbrowserfilter.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/10/2014 5:30:00 AM

Valid to:
3/11/2015 5:29:59 AM

Subject:
CN=Zebar, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Zebar, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
443A7E0E2025885A74F146162C4BEE38

File PE Metadata
Compilation timestamp:
5/18/2014 12:45:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x9FFE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0273

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
32.5 KB (33,280 bytes)

Remove ZebarBrowserFilter.exe - Powered by Reason Core Security