» 182.dll
Overview
Analysis
File Details
Behaviors (1)

182.dll

The module 182.dll has been detected as a potentially unwanted program by 16 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Safer-Surf’.

File name:

182.dll

MD5:

23cba76d752e0c02aac06b8cdbae8646

SHA-1:

bf84305a1866dee03275a94ff32467d4a2b6d92f

SHA-256:

0d4b27ed4d95e71c2ffc65cd13d27d299e180f6c6f0e197e9c0e809b78ee5299

Scanner detections:

16 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 10:48:13 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.158405

801

AhnLab V3 Security

PUP/Win32.Addlyrics

2014.11.21

AVG

Generic5

2015.0.3279

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.141126

Bitdefender

Gen:Variant.Adware.Graftor.158405

1.0.20.1650

Dr.Web

Trojan.Lyrics.191

9.0.1.0330

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.158405

8.14.11.26.11

ESET NOD32

Win32/Adware.AddLyrics.CE (variant)

8.10759

Fortinet FortiGate

Riskware/AddLyrics

11/26/2014

F-Secure

Gen:Variant.Adware.Graftor.158405

11.2014-26-11_4

G Data

Gen:Variant.Adware.Graftor.158405

14.11.24

McAfee

Artemis!23CBA76D752E

5600.6935

MicroWorld eScan

Gen:Variant.Adware.Graftor.158405

15.0.0.990

NANO AntiVirus

Trojan.Win32.Lyrics.dibdmz

0.28.6.63474

Reason Heuristics

Threat.Win.Reputation.IMP

14.11.26.11

VIPRE Antivirus

Revizer.b

34988

File size:

230 KB (235,520 bytes)

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\ver4safer-surf\182.dll

File PE Metadata

Compilation timestamp:

11/10/2014 11:05:47 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:chmhXhigjVZK1ORrGM6uBUxTReMWo+JzfGneL52vgUBiYv4fRy:chmRhb3K1uaMk9xYGiYv8Ry

Entry address:

0xF54E

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 21, 65, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, C8, A7, 02, 10, E8, 43, 20, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, F0, ED, 02, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 10, 41, 02, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

133 KB (136,192 bytes)

Internet Explorer BHO

Display name:

Safer-Surf

CLSID:

{04A6E714-DB8C-37C2-C81D-AE3715DBB5B0}

Remove 182.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.