home

ClingClang.BrowserFilterG.dll

Cling Clang

Installed as part of the Yontoo Cling Clang branded web browser extension, the BrowserFilter component is responsible for injecting advertising in the browser based on the context of the HTML being rendered. Ads are injected in the browser in the form of inline text, coupons, multi-site searching and additional offers. The module ClingClang.BrowserFilterG.dll by Cling Clang has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Cling Clang  (signed and verified)

Version:
1.0.5155.25256

MD5:
8a768869b2702dd4d8f9421c1fdf44eb

SHA-1:
5abfad7bd15529a76a9185c8c4ce96f81b906c6f

SHA-256:
f23eabb65d4ad242cfad45cc2fe322c952dab0617a7f5872cac129cbbfd77b72

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo ad injection web browser add-on.

Analysis date:
4/23/2024 5:02:13 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Yontoo.ClingClang (M)
16.2.3.4

File size:
276.8 KB (283,424 bytes)

Product version:
1.0.5155.25256

Original file name:
ClingClang.BrowserFilterG.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\cling clang\bin\plugins\clingclang.browserfilterg.dll

Digital Signature
Signed by:
Cling Clang

Authority:
VeriSign, Inc.

Valid from:
10/6/2013 7:00:00 PM

Valid to:
10/7/2014 6:59:59 PM

Subject:
CN=Cling Clang, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Cling Clang, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5D74FBB0061E5BD76029878075B12101

File PE Metadata
Compilation timestamp:
2/11/2014 9:02:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:2kGGFumT2A1JWTiGFs1M5XzKHxt6K5Yeer1Ct0ZlTkDZQUOXa0/:jGO31JmiGFXzKHx/eBzTnHKK

Entry address:
0x45186

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
268.5 KB (274,944 bytes)

Remove ClingClang.BrowserFilterG.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.