» bubvi06izryqs1.dll
Overview
Analysis
File Details
Behaviors (1)

bubvi06izryqs1.dll

right significant basic

The module bubvi06izryqs1.dll has been detected as a potentially unwanted program by 22 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘WeBBinag’.

File name:

bubvi06izryqs1.dll

Publisher:

right significant basic

Product:

right significant basic

Description:

IDE development

Version:

software software

MD5:

e6b1dcd76c32ee9d165867e9e264070c

SHA-1:

e27d03c15751ee9a57f4177fca5de359b8d36d4e

SHA-256:

7745c83eaf3ea86601740479c8be95ffc0ea4b8d4975829cd415034e398ff60a

Scanner detections:

22 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 1:46:20 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.153998

868

AhnLab V3 Security

PUP/Win32.101Alemi

2014.09.20

Avira AntiVirus

TR/Graftor.153998

7.11.171.66

AVG

Generic5

2015.0.3346

Baidu Antivirus

Adware.Win32.MultiPlug

4.0.3.14919

Bitdefender

Gen:Variant.Adware.Graftor.153998

1.0.20.1310

Comodo Security

ApplicUnwnt

19456

Emsisoft Anti-Malware

Gen:Variant.Graftor.154184

14.09.19

ESET NOD32

Win32/AdWare.MultiPlug.BN application

7.0.302.0

Fortinet FortiGate

Riskware/MultiPlug

9/19/2014

F-Secure

Gen:Variant.Adware.Graftor.153998

11.2014-19-09_6

G Data

Gen:Variant.Adware.Graftor.153998

14.9.24

IKARUS anti.virus

not-a-virus:AdWare.Agent

t3scan.1.7.8.0

Kaspersky

not-a-virus:AdWare.Win32.Agent

14.0.0.3226

Malwarebytes

PUP.Optional.MultiPlug

v2014.09.19.09

McAfee

RDN/Generic PUP.x!cmn

5600.7002

MicroWorld eScan

Gen:Variant.Adware.Graftor.153998

15.0.0.786

Qihoo 360 Security

HEUR/QVM30.1.Malware.Gen

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.9.19.21

Sophos

Generic PUA OP

4.98

Trend Micro House Call

Suspicious_GEN.F47V0904

7.2.262

VIPRE Antivirus

Trojan.Win32.Generic

32924

File size:

610 KB (624,640 bytes)

Product version:

right significant basic

Original file name:

IDE development

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\webbinag\bubvi06izryqs1.dll

File PE Metadata

Compilation timestamp:

9/19/2014 4:04:22 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:Sct0QIveVfSK1HMlRwDrQCVQ3fkJ8NB5JwbZGOR:SctPKufs2Dr7Y8+B09x

Entry address:

0x5BB01

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 6D, 5B, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 18, 4E, 07, 10, E8, 50, 0B, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, C0, FE, 07, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 90, C3, 06, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

5.8620

Developed / compiled with:

Microsoft Visual C++

Code size:

412 KB (421,888 bytes)

Internet Explorer BHO

Display name:

WeBBinag

CLSID:

{ba0f5089-c519-4071-afd6-1d9d455bff51}

Remove bubvi06izryqs1.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.