fraven 1.1-bho.dll

Fraven 1.1

Bright circle investments Ltd.

This adware uses the Crossrider extension platform and will inject advertisements into the Internet browser and may modify core browser settings. Ads are delivered as banners and contextual text links and may promote other potentially unwanted software. The module fraven 1.1-bho.dll by Bright circle investments has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of using a traditional IE toolbar, it installs a BHO in the browser to manage the functionality of the add-on. It is distributed as part of the Brightcircle group of browser extensions.
Publisher:
setup  (signed by Bright circle investments Ltd.)

Product:
Fraven 1.1

Description:
Fraven 1.1 BHO

Version:
1.1.153.24

MD5:
f7b163095670b1b7c6095a8792704f40

SHA-1:
032fa6ead2d9708362ec7d4762182a5d9241e1ae

SHA-256:
3c92465faafdb41d845ebc4fc3e147a79605faa179a77867adc7ce549c9a4092

Scanner detections:
1 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Note:
Crossrider owns a platform that enables developers to create cross-browser extensions, but it is not the owner of this detected application. The owner/publisher of this file is Bright circle investments Ltd.

Analysis date:
7/9/2020 7:52:13 PM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.Crossrider.Brightcircle (M)

Engine version:
16.7.11.12

File size:
552.5 KB (565,744 bytes)

Product version:
1.1.153.24

Copyright:
Copyright 2011

Original file name:
Fraven 1.1.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\fraven 1.1\fraven 1.1-bho.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/19/2014 3:30:00 AM

Valid to:
6/20/2015 3:29:59 AM

Subject:
CN=Bright circle investments Ltd., O=Bright circle investments Ltd., STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EF90FEF9AC8E258E5D30D0E08C84D37E

File PE Metadata
Compilation timestamp:
6/22/2014 1:38:45 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:GTLW4jWEmLTiuZXxxsG5zePhK4iT/m+VEt9okY:G/WnfT91xxsG2hKjTxiTokY

Entry address:
0x3E2B8

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 7C, B3, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 48, 7F, 07, 10, E8, B9, 30, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, A8, E9, 07, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 80, 90, 06, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 

Entropy:
6.5692

Developed / compiled with:
Microsoft Visual C++

Code size:
377 KB (386,048 bytes)
