» coupons.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

coupons.dll

Cloud Software

The module coupons.dll by Cloud Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Browser Extensions’. This file is typically installed with the program Browser Extensions by Spigot, Inc. which is a potentially unwanted software program.

File name:

coupons.dll

Publisher:

Cloud Software (signed and verified)

Version:

1, 9, 0, 1

MD5:

a749f53d22b84b09405b41fa8f871638

SHA-1:

e21e30551989915b1171be87b220dc2f810f0f09

SHA-256:

8c28af4312387e460ba7c404f0744bc5b0cc3d4ed6c41777e42bd5672eede7df

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/13/2024 10:56:29 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Spigot (M)

17.3.7.18

File size:

606.8 KB (621,352 bytes)

Product version:

1, 9, 0, 1

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\browserextensions\coupons.dll

Digital Signature

Signed by:

Cloud Software

Authority:

DigiCert Inc

Valid from:

3/8/2016 7:00:00 AM

Valid to:

3/7/2017 7:00:00 PM

Subject:

CN=Cloud Software, O=Cloud Software, L=Incline Village, S=Nevada, C=US

Issuer:

CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

09C8D9FCE70C8F921CB55912E7F1B2DE

File PE Metadata

Compilation timestamp:

3/1/2017 2:46:16 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0x383C7

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F8, 8E, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 0C, 68, 78, 7C, 05, 10, E8, 6A, 14, 00, 00, 33, F6, 89, 75, E4, 33, C0, 8B, 5D, 08, 3B, DE, 0F, 95, C0, 3B, C6, 75, 1C, E8, 69, 01, 00, 00, C7, 00, 16, 00, 00, 00, 56, 56, 56, 56, 56, E8, BF, ED, FF, FF, 83, C4, 14, 33, C0, EB, 7B, 33, C0, 8B, 7D, 0C, 3B, FE, 0F, 95, C0, 3B, C6, 74, D6, 33, C0, 66, 39, 37, 0F, 95, C0, 3B, C6, 74, CA, E8, 8A, 93, 00, 00, 89, 45, 08... 
[+]

Entropy:

6.0401

Code size:

304 KB (311,296 bytes)

Internet Explorer BHO

Display name:

Browser Extensions

CLSID:

{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}

The file coupons.dll has been discovered within the following program.

Browser Extensions by Spigot, Inc.

Publisher's description - “The toolbar communicates with our servers from time to time to check for available software updates such as bug fixes, patches, enhanced functions and new versions. By installing the toolbar, you agree to automatically request and receive updates.”

www.spigot.com

66% remove it

Remove coupons.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.