» CShared.dll
Overview
Analysis
File Details
Behaviors (1)

CShared.dll

Crawler Shared Library

Inbox.com, Inc

The module CShared.dll by Inbox.com, Inc has been detected as adware by 6 anti-malware scanners.

File name:

CShared.dll

Publisher:

Crawler.com (signed by Inbox.com, Inc)

Product:

Crawler Shared Library

Description:

Crawler Toolbar

Version:

5.0.0.160

MD5:

5f6448256d6ac35f601b1f77511b891f

SHA-1:

a98392810ad7114b6e484845581224362d65420e

SHA-256:

9ba88493acd2dc50cd4d06d70cfe06188b2dc2dc047c764c30b4e63ad0954faf

Scanner detections:

6 / 68

Status:

Adware

Analysis date:

4/27/2024 1:14:56 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Dr.Web

Trojan.Damaged.1

9.0.1.0271

Kaspersky

Packed.Win32.Krap

14.0.0.3180

Reason Heuristics

PUP.Toolbar.Inbox.H

14.8.29.0

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10331

VIPRE Antivirus

Threat.4729122

29708

File size:

814.1 KB (833,672 bytes)

Product version:

5.0.0.160

Original file name:

CShared.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\inbox.com\shared\cshared.dll

Digital Signature

Signed by:

Inbox.com, Inc

Authority:

Thawte, Inc.

Valid from:

8/28/2011 7:00:00 PM

Valid to:

9/4/2013 6:59:59 PM

Subject:

CN="Inbox.com, Inc", OU=INBOX.COM, O="Inbox.com, Inc", L=Wilmington, S=DELAWARE, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

263A9EA35EE9217F9233ABD64FC388C0

Registration

CLSIDs:

{183643C8-EE67-4574-9A38-927852E34163}, {54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}, {8736C681-37A0-40C6-A0F0-4C083409151C}, {DB35C569-5624-4CFC-8043-E5139F55A073}, {EFB46ED3-8FD8-4051-8FD6-DD9CE7E63BEF}

ProgIDs:

CShared.TB4Server, CShared.TB4Client, CShared.TB4Script, CShared.TB4Server2

COM registered:

Yes

File PE Metadata

Compilation timestamp:

8/16/2010 6:31:26 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:Wl2aYWoswJxNk2/rFzC11WjAZoI1vAoyUs+:WlYW/w1N5vjAZoI1vAoK+

Entry address:

0x90224

Entry point:

55, 8B, EC, 83, C4, C4, B8, DC, DE, 48, 00, E8, A4, 76, F7, FF, E8, 3F, 4F, F7, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.6658

Developed / compiled with:

Microsoft Visual C++

Code size:

570 KB (583,680 bytes)

Safe for Initializing Control

CLSID:

{8736C681-37A0-40C6-A0F0-4C083409151C}

Remove CShared.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.