home

ClientKeeperToolbar.DLL

Client Keeper PhishingPro

SoftSecurity Co. Ltd.

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘ToolbarLoader Class’.
Publisher:
SoftSecurity Co. Ltd.  (signed and verified)

Product:
Client Keeper PhishingPro

Description:
ClientKeeper PhishingPro

Version:
1, 0, 1, 1

MD5:
976cccac9b20cbdb76dfed512cdd2080

SHA-1:
acd3e4d05eb05b6c60598c8971ff174a19d8dc5e

SHA-256:
367e51236f9e6e6c5ff58e8920ee629b4a94cbe065f74db6fee1548b736c23da

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 3:30:34 AM UTC  (today)

File size:
385.2 KB (394,448 bytes)

Product version:
1, 0, 1, 1

Copyright:
SoftSecurity Co. Ltd. Copyright 2009

Original file name:
ClientKeeperToolbar.DLL

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\ProgramData\clientkeeper\phishingpro\bin\clientkeepertoolbar.dll

Digital Signature
Signed by:
SoftSecurity Co. Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
11/18/2009 9:00:00 AM

Valid to:
11/19/2010 8:59:59 AM

Subject:
CN=SoftSecurity Co. Ltd., OU=PC Security, O=SoftSecurity Co. Ltd., L=Gangnam-Gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
71CD20AD3F93763D18E616B4689A9927

Registration
CLSIDs:
{0C1E01A6-7923-46D8-8E3D-0F62B4A0250B}, {F5BEA1B9-FEF6-4093-846D-753C42A1B00A}

ProgIDs:
ClientKeeperToolbar.ToolBand.1, ClientKeeperToolbar.ToolbarLoader.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
4/22/2010 5:58:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:JYgiva4Vi9E1ZukHQdrlN85lgZK8zLjUwHYUBfemVzwIqP4lFLGu5Qtz7Zmr9MqQ:ygxkn5EKepHYkfj3qQ3joUpRyP3BkqZz

Entry address:
0x206C6

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, BF, 81, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 56, 57, 33, F6, BF, 70, AB, 04, 10, 83, 3C, F5, 14, 88, 04, 10, 01, 75, 1E, 8D, 04, F5, 10, 88, 04, 10, 89, 38, 68, A0, 0F, 00, 00, FF, 30, 83, C7, 18, E8, 2D, 82, 00, 00, 85, C0, 59, 59, 74, 0C, 46, 83, FE, 24, 7C, D2, 33, C0, 40, 5F, 5E, C3, 83, 24, F5, 10, 88, 04, 10, 00, 33, C0, EB, F1, 53, 8B, 1D, 40, 02, 03, 10, 56, BE, 10, 88, 04, 10, 57, 8B, 3E, 85, FF, 74, 13, 83, 7E...
 
[+]

Entropy:
6.1395

Code size:
188 KB (192,512 bytes)

Internet Explorer BHO
CLSID:
{F5BEA1B9-FEF6-4093-846D-753C42A1B00A}

CLSID name:
ToolbarLoader Class


Scan ClientKeeperToolbar.DLL - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.