» insnwwyk2ndzod.x64.dll
Overview
Analysis
File Details

insnwwyk2ndzod.x64.dll

The module insnwwyk2ndzod.x64.dll has been detected as a potentially unwanted program by 13 anti-malware scanners. The library is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

MD5:

1e7a67bb1ea3e9b1c360ed2b28cd25d8

SHA-1:

4d2d063ea507f0c4d702d60325d33f798f64276f

SHA-256:

ca35df6c5e42202135b0e84e604f8f112e8d190d98ff8360955af1121fbf4fcb

Scanner detections:

13 / 68

Status:

Potentially unwanted

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/26/2024 9:45:44 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

PUP/Win32.MultiPlug

2015.04.19

Avira AntiVirus

ADWARE/MultiPlug.Gen4

3.6.1.96

avast!

Win64:Adware-gen [Adw]

2014.9-150421

AVG

AdPlugin

2016.0.3133

Baidu Antivirus

Adware.Win64.MultiPlug

4.0.3.15421

Comodo Security

ApplicUnwnt

21811

Dr.Web

Trojan.Crossrider1.25235

9.0.1.0111

ESET NOD32

Win64/Adware.MultiPlug (variant)

9.11494

herdProtect (fuzzy)

variant of 2hbtxokl5sutzr.x64.dll

2015.7.22.13

Malwarebytes

PUP.Optional.MultiPlug.A

v2015.04.21.06

McAfee

Multiplug-FWX

5600.6789

Qihoo 360 Security

Win32/Virus.Adware.f45

1.0.0.1015

Trend Micro House Call

TROJ_GEN.R0C1H06DG15

7.2.111

File size:

891.5 KB (912,896 bytes)

File type:

Dynamic link library (Win64 DLL)

Common path:

C:\Program Files\saleplus\insnwwyk2ndzod.x64.dll

Registration

CLSID:

{426ee2ca-3b8a-4893-bb6b-9ea4a42893f0}

ProgID:

P426ee2ca_3b8a_4893_bb6b_9ea4a42893f0_.9

COM registered:

Yes

File PE Metadata

Compilation timestamp:

4/9/2015 4:03:32 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:H/CVyqrk9ek+fGvw6aQXNIgsvsZhICKUNxVBuzr+15OU5Wsb:Kkqg/+fGvw6aQ/5OAxb

Entry address:

0x5175C

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 6F, 70, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, F8, 86, 08, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Entropy:

4.5654

Code size:

416 KB (425,984 bytes)

Remove insnwwyk2ndzod.x64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.