home

f25b1c1b-ea83-4b3f-bff0-6fa6a190d5ae.dll

Tita­nium Great Minds

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module f25b1c1b-ea83-4b3f-bff0-6fa6a190d5ae.dll by Tita­nium Great Minds has been detected as adware by 16 anti-malware scanners. This file is typically installed with the program Radio Canyon by Bright circle investments Ltd. which is a potentially unwanted software program. The library is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.
Publisher:
Tita­nium Great Minds  (signed and verified)

MD5:
d5d3a3f896fd3c9e399082aea9e6f5ed

SHA-1:
83775a67ff9840e4e53f1b7942311dc70b17bc10

SHA-256:
6e52e80bdf1c0dec0c427723e3e5de2f24e0f1255575d77c91720e3e38dd98db

Scanner detections:
16 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
4/26/2024 2:50:44 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.CrossRider
2014.11.23

Avira AntiVirus
Adware/CrossRider.KB
7.11.188.58

avast!
Win32:Crossrider-AA [PUP]
2014.9-141129

AVG
Generic
2015.0.3275

Baidu Antivirus
PUA.Win32.CrossRider
4.0.3.141122

Dr.Web
Trojan.Crossrider.31452
9.0.1.0333

ESET NOD32
Win32/Toolbar.CrossRider.BM potentially unwanted application
7.0.302.0

G Data
Win32.Adware.Crossrider
14.11.24

IKARUS anti.virus
not-a-virus:AdWare.Adwapper
t3scan.1.8.3.0

K7 AntiVirus
Unwanted-Program
13.185.14021

Kaspersky
not-a-virus:AdWare.NSIS.Adwapper
15.0.0.543

Malwarebytes
PUP.Optional.Nova.A
v2014.11.22.03

Panda Antivirus
Trj/Genetic.gen
14.11.22.03

Qihoo 360 Security
HEUR/QVM30.1.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.TitaniumGreatMinds.e
14.11.29.20

Sophos
Generic PUA ID
4.98

File size:
137.9 KB (141,224 bytes)

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\radio canyon\f25b1c1b-ea83-4b3f-bff0-6fa6a190d5ae.dll

Digital Signature
Signed by:
Tita­nium Great Minds

Authority:
COMODO CA Limited

Valid from:
10/20/2014 10:00:00 AM

Valid to:
10/21/2015 9:59:59 AM

Subject:
CN=Tita­nium Great Minds, O=Tita­nium Great Minds, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009396D2C159BC1B1261C6A397A6168FA6

File PE Metadata
Compilation timestamp:
11/21/2014 6:35:18 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:HV/qK9u5zaD7JN8nWfw3+HQJuIPdfTjHQZm:H4A4zaD7kt3oQJjBHHQQ

Entry address:
0x66F8

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 91, 39, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 10, BD, 01, 10, E8, 69, 15, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 4C, E2, 01, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 90, 71, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.2170

Developed / compiled with:
Microsoft Visual C++

Code size:
82 KB (83,968 bytes)

The file f25b1c1b-ea83-4b3f-bff0-6fa6a190d5ae.dll has been discovered within the following program.

Radio Canyon  by Bright circle investments Ltd.
Radio Canyon (Porter Studio Plus) is an adware program (supported by various types of advertising) that is usually bundled by third party installers and download managers.
88% remove it
 
Powered by Should I Remove It?

Remove f25b1c1b-ea83-4b3f-bff0-6fa6a190d5ae.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.