home

dynamocombo.ffupdate.dll

Web Tripp

FFUpdate is the Mozilla Firefox plugin manager for the Web Tripp branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module dynamocombo.ffupdate.dll by Web Tripp has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Web Tripp  (signed and verified)

Version:
1.0.5710.31015

MD5:
f057d5a7af4504bf66a1ad660083d9c8

SHA-1:
06ae60c58a5452cb8f0c0b3b181177550c8ce7fe

SHA-256:
7fb3e15fb748dfdc28f06b0b0e0f7c6a3f2319c4d903ad4d925bf9fbc943067d

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
5/19/2024 8:17:10 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Yontoo (M)
17.3.12.3

File size:
519.2 KB (531,696 bytes)

Product version:
1.0.5710.31015

Original file name:
2015082101.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\dynamo combo\bin\plugins\dynamocombo.ffupdate.dll

Digital Signature
Signed by:
Web Tripp

Authority:
VeriSign, Inc.

Valid from:
10/29/2014 1:00:00 AM

Valid to:
10/12/2015 1:59:59 AM

Subject:
CN=Web Tripp, O=Web Tripp, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2F541276F5315F0F251C1CE5137A431B

File PE Metadata
Compilation timestamp:
8/21/2015 3:13:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x81B8E

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.7490

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
511 KB (523,264 bytes)

Remove dynamocombo.ffupdate.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.