» coupons64.dll
Overview
Analysis
File Details
Programs (1)

coupons64.dll

Cloud Software

The module coupons64.dll by Cloud Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Browser Extensions by Spigot, Inc. which is a potentially unwanted software program.

File name:

coupons64.dll

Publisher:

Cloud Software (signed and verified)

Version:

1, 9, 0, 1

MD5:

9e661c12eeebe13d26551d1afa08e73c

SHA-1:

63d0d648195fdce98686858624eee31ef5af31fc

SHA-256:

197e4a2325bcc6e4e24fefa236c49afc978b8bcea9a97ebff0c9e5fc7ea5803f

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/13/2024 4:20:49 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Spigot (M)

17.3.7.18

File size:

697.3 KB (714,024 bytes)

Product version:

1, 9, 0, 1

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\browserextensions\coupons64.dll

Digital Signature

Signed by:

Cloud Software

Authority:

DigiCert Inc

Valid from:

3/8/2016 7:00:00 AM

Valid to:

3/7/2017 7:00:00 PM

Subject:

CN=Cloud Software, O=Cloud Software, L=Incline Village, S=Nevada, C=US

Issuer:

CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

09C8D9FCE70C8F921CB55912E7F1B2DE

Registration

CLSID:

{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}

COM registered:

Yes

File PE Metadata

Compilation timestamp:

3/1/2017 2:47:39 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0x3EBD4

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, AB, 8B, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, AB, FE, FF, FF, CC, CC, CC, 48, 89, 5C, 24, 10, 48, 89, 74, 24, 18, 57, 41, 54, 41, 55, 48, 83, EC, 40, 48, 89, 64, 24, 30, 45, 8B, E0, 48, 8B, FA, 48, 8B, F1, 45, 33, ED, 41, 8B, C5, 49, 3B, CD, 0F, 95, C0, 41, 3B, C5, 75, 26, E8, E5, 01, 00, 00, C7, 00, 16, 00, 00, 00, 4C, 89, 6C... 
[+]

Entropy:

5.8517

Code size:

346 KB (354,304 bytes)

The file coupons64.dll has been discovered within the following program.

Browser Extensions by Spigot, Inc.

Publisher's description - “The toolbar communicates with our servers from time to time to check for available software updates such as bug fixes, patches, enhanced functions and new versions. By installing the toolbar, you agree to automatically request and receive updates.”

www.spigot.com

66% remove it

Remove coupons64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.