» alnaddytoolbartlbr.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

alnaddytoolbartlbr.dll

Alnaddy Toolbar

Montera Technologeis LTDD

This is part of the Montera web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module alnaddytoolbartlbr.dll by Montera TechnologeisD has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed as a toolbar in Internet Explore as ‘Alnaddy.com Toolbar’. This file is typically installed with the program Alnaddy.com toolbar on IE by Alnaddy.com which is a potentially unwanted software program.

File name:

Publisher:

Alnaddy.com (signed by Montera Technologeis LTDD)

Product:

Alnaddy Toolbar

Version:

1.5.23.0

MD5:

b03b428a35639e7fd99644deb794357f

SHA-1:

9ccf8350a64f2aae642b03e8024de6e62da383bf

SHA-256:

f0422da8b8af2dcfe37a56059ef5192784be5f7de9108ad9ef37a8b25b4df7ac

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/23/2024 3:52:28 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Montiera.Montera.Toolbar (M)

16.2.15.15

File size:

268.2 KB (274,640 bytes)

Product version:

1.5.23.0

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\alnaddy.com\alnaddytoolbar\1.5.23.10\alnaddytoolbartlbr.dll

Digital Signature

Signed by:

Montera Technologeis LTDD

Authority:

The USERTRUST Network

Valid from:

5/16/2011 2:00:00 AM

Valid to:

5/16/2012 1:59:59 AM

Subject:

CN=Montera Technologeis LTDD, O=Montera Technologeis LTDD, STREET="18, Amammi st", L=Even Yehuda, S=Hasharon, PostalCode=40500, C=IL

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

0095D386F202E0248D39723608F340A6E5

Registration

CLSID:

{CD3AED25-23AB-4543-B915-159449C37197}

ProgID:

alnaddy.alnaddyToolbardskBnd.1

COM registered:

Yes

File PE Metadata

Compilation timestamp:

4/17/2012 9:05:10 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:GlDSjihY5l7RVyDIgCtiHHl91ANtqOKSzklHhJEos9tW1QViqo+sP:GlmmWz75e91uqOKSzk3yS5q

Entry address:

0x184CB

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 03, 4F, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 10, 57, FF, 75, 10, 8D, 4D, F0, E8, 68, F5, FF, FF, 8B, 7D, 08, 85, FF, 75, 27, E8, BB, 0D, 00, 00, C7, 00, 16, 00, 00, 00, E8, 36, 23, 00, 00, 80, 7D, FC, 00, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, E9, A5, 00, 00, 00, 56, 8B, 75, 0C, 85, F6, 75, 24, E8, 8C, 0D, 00, 00, C7, 00, 16, 00, 00, 00, E8, 07, 23, 00, 00, 80, 7D, FC... 
[+]

Entropy:

6.3312

Code size:

155.5 KB (159,232 bytes)

Internet Explorer Toolbar

Display name:

Alnaddy.com Toolbar

CLSID:

{CD3AED25-23AB-4543-B915-159449C37197}

The file alnaddytoolbartlbr.dll has been discovered within the following program.

Alnaddy.com toolbar on IE by Alnaddy.com

Alnaddy.com toolbar on IE is a potentially unwanted web browser extension that is ad-supported and will display various popup and banner ads as well as modify the user's web browser search and home page settings.

www.alnaddy.com

63% remove it

Remove alnaddytoolbartlbr.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.