» Color My Facebook.dll
Overview
Analysis
File Details
Programs (1)

Color My Facebook.dll

Color My Facebook

Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com

The library Color My Facebook.dll, “Color My Facebook BHO” has been detected as malware by 1 anti-virus scanner. This file is typically installed with the program Color My Facebook by Duval which is a potentially unwanted software program.

File name:

Publisher:

Duval (signed by Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com)

Product:

Color My Facebook

Description:

Color My Facebook BHO

Version:

1.1.152.183

MD5:

111c9da2a1bcbf199d76cb35b127f513

SHA-1:

c6f0799526419831ca5d2a194799d779bc786ded

SHA-256:

bddbd68c9e4cf29cf372702827d1465b69db26a5ed39257e9e2b55531458b39a

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/19/2024 9:07:08 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation.IMP

16.2.1.8

File size:

625.1 KB (640,088 bytes)

Product version:

1.1.152.183

Original file name:

Color My Facebook.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\color my facebook\color my facebook.dll

Digital Signature

Signed by:

Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com

Authority:

Apple Inc.

Valid from:

7/15/2012 10:25:00 PM

Valid to:

7/15/2013 10:25:00 PM

Subject:

C=FR, CN=Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com, OID.0.9.2342.19200300.100.1.1=3MV9W8EA58

Issuer:

CN=Apple Worldwide Developer Relations Certification Authority, OU=Apple Worldwide Developer Relations, O=Apple Inc., C=US

Serial number:

24A43EE61F285A43

File PE Metadata

Compilation timestamp:

1/3/2013 6:51:21 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:WQf6N2pXvVDlcNTrPN/4UpfUFHf2pl8qHiNa:1CN2p/tu1PGQfu+pl8qma

Entry address:

0x3C6DE

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B6, 9A, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 1B, C2, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, 70, DE, 08, 10, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18... 
[+]

Code size:

443.5 KB (454,144 bytes)

The file Color My Facebook.dll has been discovered within the following program.

Color My Facebook by Duval

Publisher's description - “No more blue on Facebook! Choose your favorite color and see result instantly on your Facebook pages. Over 2,500,000 people downloaded Color My Facebook, the most popular and beautiful Facebook color changer! Are you?”

colormyfacebook.com

64% remove it

Remove Color My Facebook.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.