cenbho32.dll

Centrum Holdings s.r.o.

The module cenbho32.dll by Centrum Holdings s.r.o. has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘Lišta Centrum.cz’.
Publisher:
Centrum Holdings s.r.o.  (signed and verified)

Version:
1.0.2.0

MD5:
6d5f4966d9dad025108f323779f1dc1b

SHA-1:
835ecf1b20763a55f21b060dc770c0f55b1f3441

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/19/2024 4:01:27 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.BHO.CentrumHoldingssro.I

Engine version:
14.8.12.15

File size:
259.5 KB (265,680 bytes)

Product version:
1.0.0.0

File type:
Dynamic link library (Win32 DLL)

Language:
Czech

Common path:
C:\Program Files\centrum holdings s.r.o\lišta centrum.cz\cenbho32.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
11/24/2011 1:00:00 AM

Valid to:
11/24/2012 12:59:59 AM

Subject:
CN=Centrum Holdings s.r.o., OU=IT, O=Centrum Holdings s.r.o., STREET="Jankovcova 1037/49, Classic 7", L=Prague, S=Prague, PostalCode=170 00, C=CZ

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00889122E005044368951BC5745AD6E993

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:TjiaB45Xe4hWVWrvH248HCIUolq381yv9rWjIkIf9dBtclGS9g92L+IS2w8bQ:TjiaKeC7ru4Lak81O9rX9oi92nQ

Entry address:
0x193C0

Entry point:
55, 8B, EC, 83, C4, C4, B8, 1C, 88, 41, 00, E8, 1C, CF, FE, FF, A1, 68, AB, 41, 00, C6, 00, 01, E8, A7, B1, FE, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 13, 8B, C0, 00, 8D, 40, 00, 00, 8D, 40, 00, 00, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
95.5 KB (97,792 bytes)

Internet Explorer BHO
CLSID:
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}

