» BndHook.dll
Overview
Analysis
File Details
Programs (1)

BndHook.dll

Bandoo

Bandoo Media Inc

The module BndHook.dll by Bandoo Media Inc has been detected as a potentially unwanted program by 9 anti-malware scanners. This file is typically installed with the program Bandoo by Bandoo Media Inc.

File name:

BndHook.dll

Publisher:

Discordia Limited (signed by Bandoo Media Inc)

Product:

Bandoo

Description:

BndHook

Version:

1, 0, 0, 1

MD5:

6812d25ce9d51548fb2c644522e970ee

SHA-1:

c5f88701e4519db4cafcb108e6c56285f660a7d2

SHA-256:

383773eb7a5bd1f55e39ad35103684830b312e362969118cac3c68571c405d1c

Scanner detections:

9 / 68

Status:

Potentially unwanted

Analysis date:

4/16/2024 7:08:05 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Bandoo

7.1.1

AVG

Bandoo

2017.0.2833

Bkav FE

W32.HfsAdware

1.3.0.7237

Dr.Web

Adware.Bandoo.237

9.0.1.045

Kaspersky

not-a-virus:AdWare.Win32.Bandoo

14.0.0.662

Panda Antivirus

Adware/Fun4IM

16.02.14.12

Reason Heuristics

Win32.Generic

16.2.14.12

Vba32 AntiVirus

AdWare.Bandoo

3.12.26.4

Zillya! Antivirus

Adware.Bandoo.Win32.15

2.0.0.2401

File size:

67.9 KB (69,520 bytes)

Product version:

1, 0, 0, 1

Original file name:

BndHook.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\bin\bndhook.dll

Digital Signature

Signed by:

Bandoo Media Inc

Authority:

Thawte, Inc.

Valid from:

10/6/2010 3:00:00 AM

Valid to:

10/6/2012 2:59:59 AM

Subject:

CN=Bandoo Media Inc, O=Bandoo Media Inc, L=Panama City, S=Panama, C=PA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

5915CD3A113B9B2AE7B497DDDFCDF8F5

File PE Metadata

Compilation timestamp:

11/3/2009 1:09:16 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:1Re+aZAD3/pFDQGpktBp737Ek/opIx8nM47k:/NlFYLp737n/oex8nRk

Entry address:

0x36F1

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, C6, 3C, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 83, 25, 58, F9, 00, 10, 00, C3, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 00, 01, 00, 00, 72, 0E, 83, 3D, 20, F8, 00, 10, 00, 74, 05, E9, 68, 3D, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1... 
[+]

Code size:

38 KB (38,912 bytes)

The file BndHook.dll has been discovered within the following program.

Bandoo by Bandoo Media Inc

Bandoo is an IM/messaging program. From the EUAL: "You hereby acknowledge that the Applications use various tools to enhance Your view of Web pages which You browse by adding Bandoo features to them, such as, for example, emoticons, winks and ads.

www.bandoo.com

52% remove it

Remove BndHook.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.