home

avscan-20161203-231015-6c0d5c9e

MySearchDial Toolbar

Montiera Technologies LTD

It is part of the Montiera web browser toolbar monetization platform which injects browser search and advertising within the user's web browser. The file avscan-20161203-231015-6c0d5c9e by Montiera Technologies has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
MySearchDial  (signed by Montiera Technologies LTD)

Product:
MySearchDial Toolbar

Version:
1.8.29.0

MD5:
24a8e970d04197589e73b4aa969f1648

SHA-1:
0c1c57bf713a7fb650056283f04893b9aeaadabe

SHA-256:
b9f8540a02b134ac1f3402424b082c6c72df9e765ca93a3ff3e13a3d61f8182d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/25/2024 8:54:50 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Montiera (M)
16.12.4.3

File size:
273.4 KB (279,960 bytes)

Product version:
1.8.29.0

Copyright:
(c) MySearchDial All rights reserved.

Language:
English (United States)

Common path:
C:\ProgramData\avira\antivirus\temp\avscan-20161203-225447-eac78004\avscan-20161203-231015-6c0d5c9e

Digital Signature
Signed by:
Montiera Technologies LTD

Authority:
COMODO CA Limited

Valid from:
6/26/2013 5:30:00 AM

Valid to:
6/27/2014 5:29:59 AM

Subject:
CN=Montiera Technologies LTD, O=Montiera Technologies LTD, STREET="18, Amammi st", L=Even Yehuda, S=Hasharon, PostalCode=40500, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3E6A02DA5FCBA17D267CD5B0DBC10A17

File PE Metadata
Compilation timestamp:
12/26/2013 6:18:08 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:u6l5D/isdbQPvEkQWk2J9LLP8X6/kL/662TkUr6Fn1bLRyaZ6b2ZR3AKJPVENu2F:u6jWyDkQt2J9kXj1YkTBRLRnobqRlI2Y

Entry address:
0x1AF9E

Entry point:
0D, 7E, 94, 3A, DB, 4B, FB, A9, 0F, 50, 09, 52, 6F, 89, 29, BA, 5C, FF, CB, 5D, BD, B0, 90, 7C, 77, 97, 06, 51, 2C, 9A, 41, F1, 29, FA, 9F, 09, D9, AA, CA, DC, 7B, B7, 9E, 7C, FE, 43, BB, FE, DC, 15, DB, B1, 2B, 87, B2, 02, 2E, 63, 51, F8, 4D, 8F, D1, C6, 7A, CB, A7, 80, 51, 55, 20, D2, 12, FA, 40, A4, 3D, A6, 85, 35, C2, 7F, 43, 1F, A4, E1, 29, 9D, 32, A9, 64, F5, 5E, 42, B6, F9, 50, 8F, BC, E8, 4C, 8A, 9B, A4, 19, 6E, 04, 33, 55, 27, 94, EE, F1, 50, 67, B9, BF, 7B, D9, E6, E0, 14, DA, 44, B6, C0, 57, EF...
 
[+]

Entropy:
7.0859

Code size:
180.5 KB (184,832 bytes)

Remove avscan-20161203-231015-6c0d5c9e - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.