» apps hat mini-buttonutil.dll
Overview
Analysis
File Details

apps hat mini-buttonutil.dll

The module apps hat mini-buttonutil.dll has been detected as adware by 24 anti-malware scanners. The ButtonUtil module (32-bit version) uses the Crossrider web extension monetization toolkit and will perform a number of helper integration activities on the user's web browser's as well as the Window's Shell in order to install the addon.

File name:

MD5:

e42a4e5c4ebdf450b77fd5f7b0cb9415

SHA-1:

af28ea942cb65b4c48d9337f648fc0d07ae08460

SHA-256:

95350b234a9f27526a37edcec7a6634d705e8c788553bce8de1603d605df8c69

Scanner detections:

24 / 68

Status:

Adware

Explanation:

Part of the Crossrider toolbar platform.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:

4/24/2024 4:29:38 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11313481

833

Agnitum Outpost

PUA.Toolbar.CrossRider

7.1.1

AhnLab V3 Security

PUP/Win32.CrossRider

2014.10.25

Avira AntiVirus

Adware/CrossRider.A.159

7.11.181.44

avast!

Win32:BHO-ANA [Trj]

141025-0

AVG

Adware Generic5.BKKF

2014.0.4040

Baidu Antivirus

Adware.Win32.CrossRider

4.0.3.141025

Bitdefender

Trojan.Generic.11313481

1.0.20.1490

Dr.Web

DLOADER.Trojan

9.0.1.0298

Emsisoft Anti-Malware

Trojan.Generic.11313481

14.10.25

ESET NOD32

Win32/Toolbar.CrossRider.AA potentially unwanted application

7.0.302.0

Fortinet FortiGate

Riskware/Toolbar_CrossRider

10/25/2014

F-Secure

Trojan.Generic.11313481

11.2014-25-10_7

G Data

Trojan.Generic.11313481

14.10.24

IKARUS anti.virus

AdWare.CrossRider

t3scan.1.7.8.0

K7 AntiVirus

Trojan

13.185.13805

Malwarebytes

PUP.Optional.Crossrider

v2014.10.25.09

McAfee

Artemis!E42A4E5C4EBD

5600.6967

MicroWorld eScan

Trojan.Generic.11313481

15.0.0.894

NANO AntiVirus

Trojan.Win32.Generic.cvhhdf

0.28.2.62841

nProtect

Trojan.Generic.11313481

14.10.24.01

Reason Heuristics

PUP.Crossrider.Y

14.7.14.14

Sophos

AppRider

4.98

VIPRE Antivirus

Crossrider

34232

File size:

416 KB (425,984 bytes)

File type:

Dynamic link library (Win64 DLL)

Common path:

C:\Program Files\apps hat mini\apps hat mini-buttonutil.dll

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

6144:8lvttKjLh+u/nQcU2DPRcM1TBkzwi3r5e4rNPMyrcCmmz:8RXIVQcU2Nz1TGzwB4rCWcCmmz

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, BC, 94, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, C0, 41, 05, 10, E8, E9, 3F, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 80, E1, 05, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, B0, C1, 04, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Remove apps hat mini-buttonutil.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.