betarezbho.dll

Beta Rez

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module betarezbho.dll by Beta Rez has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Beta Rez by Yontoo Technology, Inc., which is a potentially unwanted software program.
Publisher:
Beta Rez  (signed and verified)

Product:
Beta Rez

Version:
1.0.0.3

MD5:
85edcbcd0cb562e1f6c6186a56b72e60

SHA-1:
06e830b7f4fcb1b73852c761ec74e429696964c4

SHA-256:
0a2cf0b197b3730a5e50f078c50c01e61691530ecdf47808f989682a66a8b995

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Belongs to the Sambreel/Yontoo program that inserts various forms of advertising in the user's web browser, installed with minimal or no user consent.

Analysis date:
1/18/2019 3:11:32 AM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.Yontoo (M)

Engine version:
17.1.27.12

File size:
244.3 KB (250,144 bytes)

Product version:
1.0.0.3

Copyright:
(c) Beta Rez. All rights reserved.

Original file name:
Beta RezIEClient.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\beta rez\betarezbho.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/19/2014 1:00:00 AM

Valid to:
3/20/2015 12:59:59 AM

Subject:
CN=Beta Rez, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Beta Rez, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
551AC20E6814AE1BD6F9CC331B9C1C38

File PE Metadata
Compilation timestamp:
8/12/2014 5:37:28 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x12854

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 41, 8D, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 70, 30, 03, 10, E8, BD, 01, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 04, 78, 03, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, FC, A4, 02, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
159 KB (162,816 bytes)

The file betarezbho.dll has been discovered within the following program.

Beta Rez  by Yontoo Technology, Inc.
Beta Rez is an adware program that integrates into the user's web browsers (IE, Chrome, Firefox) and will perform a number of functions mostly designed to generate advertising supported or affiliate revenue.
betarez.net/support
85% remove it
 