» 61460f99-5ad2-4f44-a90f-1281d922bffc.dll
Overview
Analysis
File Details
Programs (1)

61460f99-5ad2-4f44-a90f-1281d922bffc.dll

Naruto Source

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module 61460f99-5ad2-4f44-a90f-1281d922bffc.dll by Naruto Source has been detected as adware by 14 anti-malware scanners. This file is typically installed with the program Sense by Object Browser which is a potentially unwanted software program. The library is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

Publisher:

Naruto Source (signed and verified)

MD5:

d8f40cecebcfb270ec6a7b4f29e93bd0

SHA-1:

3c5a67bec434e27359099f17b563adeb30e9bb0c

SHA-256:

058eda038d3a4d1fa0aefd85a6c7fc36d607a1a53bffa08a6ac4e8f967dd4d87

Scanner detections:

14 / 68

Status:

Adware

Explanation:

May modify the web browser's settings including changing the homepage and search provider in addition to delivering ads (by injecting banner and text-links directly in the webpage). Distributed through the Brightcircle investments brand.

Analysis date:

4/19/2024 7:44:01 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

Adware/CrossRider.pq

7.11.170.12

avast!

Win32:Crossrider-N [PUP]

2014.9-141130

AVG

Generic

2015.0.3365

Baidu Antivirus

PUA.Win32.CrossRider

4.0.3.141130

ESET NOD32

Win32/Toolbar.CrossRider.BM (variant)

8.10660

Fortinet FortiGate

W32/GoogUpdate.BM!tr

11/30/2014

IKARUS anti.virus

not-a-virus:AdWare.Adwapper

t3scan.1.8.3.0

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

14.0.0.3319

McAfee

Artemis!FBFDF4634D3E

5600.6931

NANO AntiVirus

Trojan.Win64.GoogUpdate.dhiwng

0.28.6.62995

Panda Antivirus

Trj/Chgt.E

14.09.01.04

Qihoo 360 Security

Win32/Virus.Adware.970

1.0.0.1015

Reason Heuristics

PUP.NarutoSource.e

14.9.1.4

VIPRE Antivirus

Trojan.Win32.Generic

34472

File size:

144.9 KB (148,328 bytes)

File type:

Dynamic link library (Win64 DLL)

Common path:

C:\Program Files\sense\61460f99-5ad2-4f44-a90f-1281d922bffc.dll

Digital Signature

Signed by:

Naruto Source

Authority:

COMODO CA Limited

Valid from:

7/28/2014 8:00:00 AM

Valid to:

7/29/2015 7:59:59 AM

Subject:

CN=Naruto Source, O=Naruto Source, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

1CE82906A7F364268F66771839675655

File PE Metadata

Compilation timestamp:

8/28/2014 6:02:07 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:JxH8obbbJ0TEZxOeD7LfmchDG+ZFiaxxvE:fjKTsZ7OchCUzvE

Entry address:

0x68BC

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, EF, 3C, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, B0, AE, 01, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Entropy:

5.9626

Code size:

82.5 KB (84,480 bytes)

The file 61460f99-5ad2-4f44-a90f-1281d922bffc.dll has been discovered within the following program.

Sense by Object Browser

Sense is a potentially unwanted web browser extension that will attempt to modify the user's home and search page settings as well as display advertisements in the browser. The software will attach to IE, Chrome and Firefox.

85% remove it

Remove 61460f99-5ad2-4f44-a90f-1281d922bffc.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.