home

appbud.browserfilter.helper.dll

App Bud

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module appbud.browserfilter.helper.dll by App Bud has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including App Bud by Yontoo Technology, Inc. and Buzzdock by Alactro LLC, both potentially unwanted software.
Publisher:
App Bud  (signed and verified)

MD5:
bf97fd003d2665f55f8c3b53df377b48

SHA-1:
c8124687ff0b21f15a01fbc69f9b1556e65f9405

SHA-256:
13ac14ed4010a92db09e72d0aef716d19a3c55957044af37e1356521beec158c

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Belongs to the Sambreel/Yontoo progam that inserts various forms of advertising in the user's web browser, installed with minimal or no user consent.

Analysis date:
5/17/2024 3:55:06 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo.AppBud (M)
16.5.2.1

File size:
388.8 KB (398,104 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\app bud\appbud.browserfilter.helper.dll

Digital Signature
Signed by:
App Bud

Authority:
DigiCert Inc

Valid from:
6/9/2014 7:00:00 AM

Valid to:
6/17/2015 7:00:00 PM

Subject:
CN=App Bud, O=App Bud, L=Santa Monica, S=California, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07591B091A65F99B8121AB657546815A

File PE Metadata
Compilation timestamp:
7/22/2014 3:09:47 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:SRLdBzWsg2wx/LuLKcKURL1qUJbO8G+/bxpzwE/NO55AdmuLDm7IO4Asa7mw:+LdHsLer7pNO8Gmxph1OY+MOcKl

Entry address:
0x1A2DA

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F5, 61, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, D4, 05, 10, 89, 0D, 3C, D4, 05, 10, 89, 15, 38, D4, 05, 10, 89, 1D, 34, D4, 05, 10, 89, 35, 30, D4, 05, 10, 89, 3D, 2C, D4, 05, 10, 66, 8C, 15, 58, D4, 05, 10, 66, 8C, 0D, 4C, D4, 05, 10, 66, 8C, 1D, 28, D4, 05, 10, 66, 8C, 05, 24, D4, 05, 10, 66, 8C, 25, 20, D4, 05, 10, 66, 8C, 2D, 1C, D4, 05, 10, 9C, 8F, 05, 50, D4...
 
[+]

Entropy:
4.9058

Code size:
174 KB (178,176 bytes)

The file appbud.browserfilter.helper.dll has been discovered within the following programs.

App Bud  by Yontoo Technology, Inc.
App Bud is an adware web browser extension that is display banners ads as well as contextual link ads . The ads are injected by the web browser plugin (IE, FF and Chrome) and will display on any web site, even those not associated or affiliated with the publisher.
appbud.net/support
88% remove it
Buzzdock  by Alactro LLC
This is a web browser extension that injects advertising. From the EULA: "Buzzdock is free to download and use. Buzzdock is supported by advertising, and users will see additional ads on websites where Buzzdock features operate.
www.buzzdock.com/faq-support
79% remove it
 
Powered by Should I Remove It?

Remove appbud.browserfilter.helper.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.