» HighlightlyClientIE.dll
Overview
Analysis
File Details

HighlightlyClientIE.dll

Highlightly Client BHO x64

Highlightly

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The module HighlightlyClientIE.dll by Highlightly has been detected as adware by 12 anti-malware scanners.

File name:

Publisher:

Highlightly (signed and verified)

Product:

Highlightly Client BHO x64

Version:

1.9.0.3

MD5:

d597ffceb068a53ea61c7771bcabfdc4

SHA-1:

37db8e7bdc60e09831e5e4ecf5b706d47635047b

SHA-256:

7f97753d519d46a34286d09eaf5e1b7b1f6526be40153da7b2220aba8fae96b6

Scanner detections:

12 / 68

Status:

Adware

Analysis date:

4/25/2024 8:23:54 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Vitruvian.B

810

Baidu Antivirus

Adware.Win64.Vitruvian

4.0.3.141117

Bitdefender

Adware.Vitruvian.B

1.0.20.1605

Emsisoft Anti-Malware

Adware.Vitruvian

8.14.11.17.09

ESET NOD32

Win64/Adware.Vitruvian.B application

8.7.0.302.0

F-Secure

Adware.Vitruvian.B

11.2014-17-11_2

G Data

Adware.Vitruvian

14.11.24

IKARUS anti.virus

AdWare.Vitruvian

t3scan.1.7.5.0

MicroWorld eScan

Adware.Vitruvian.B

15.0.0.963

nProtect

Adware.Vitruvian.B

14.10.14.01

Reason Heuristics

PUP.Highlightly.T

14.5.1.20

VIPRE Antivirus

InfoAtoms

32470

File size:

176.6 KB (180,840 bytes)

Product version:

1.9.0.3

Original file name:

HighlightlyClientIE.dll

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\Program Files\highlightly\ie\highlightlyclientie.dll

Digital Signature

Signed by:

Highlightly

Authority:

GlobalSign nv-sa

Valid from:

3/12/2014 4:03:11 PM

Valid to:

7/5/2015 4:25:40 PM

Subject:

E=support@gethighlightly.com, CN=Highlightly, OU=Highlightly, O=Highlightly, L=La Jolla, S=CA, C=US

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11212BBBE8825E5C9A20B6A396BBFD1C37FB

Registration

CLSID:

{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}

COM registered:

Yes

File PE Metadata

Compilation timestamp:

4/1/2014 4:00:28 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:Phd3oEFnu+27xBa5H0/UiTOAVEVXmo+HSr+/2yMapxlRFrIBh:X3LFuP76wUiTHE1f+/2D6Fg

Entry address:

0xF264

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 6B, 53, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 70, A2, 01, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Entropy:

5.8681

Code size:

94.5 KB (96,768 bytes)

Remove HighlightlyClientIE.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.