» installerhelper.dll
Overview
Analysis
File Details
Programs (1)

installerhelper.dll

Bit Cocktail Ltd.

The module installerhelper.dll by Bit Cocktail has been detected as a potentially unwanted program by 4 anti-malware scanners. This file is typically installed with the program IB Updater 2.0.0.530 by Perion Network Ltd. which is a potentially unwanted software program.

File name:

installerhelper.dll

Publisher:

Bit Cocktail Ltd. (signed and verified)

MD5:

819c17ea3b1b2f4940708958db71bed7

SHA-1:

5102521cb3d7a8515e65b8715193aaaf6cc18b37

SHA-256:

0198d2ec5232deb8bc791eb07fbbfb6dc4a9ca2f733c4a2bdebd310044cb6974

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 2:42:10 PM UTC (today)

Scan engine

Detection

Engine version

AVG

BitCocktail

2016.0.2999

ESET NOD32

Win32/Toolbar.BitCocktail.A potentially unwanted application

9.7.0.302.0

Reason Heuristics

PUP.BitCocktail (M)

15.7.29.16

Sophos

BitCocktail

4.98

File size:

691.3 KB (707,928 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\ib updater\installerhelper.dll

Digital Signature

Signed by:

Bit Cocktail Ltd.

Authority:

Thawte, Inc.

Valid from:

1/16/2012 7:00:00 PM

Valid to:

1/16/2013 6:59:59 PM

Subject:

CN=Bit Cocktail Ltd., O=Bit Cocktail Ltd., L=Herzeliya, S=Herzeliya, C=IL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

613E461899A05578474D1423CF9CC340

File PE Metadata

Compilation timestamp:

10/3/2012 8:24:14 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:iMF9HIV2BsJ31EFqNnRS8IW+4Mhgy0cEhvkUZdwwGcoqx:V94iszNnR7IW+iFcEdkUWcvx

Entry address:

0x7A83B

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 7D, D1, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A4, 01, 00, 00, 81, F9, 00, 01, 00, 00, 72, 1F, 83, 3D, E4, 88, 0A, 10, 00, 74, 16, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 08, 5E, 5F, 5D, E9, 7D, C3, 00, 00, F7, C7, 03, 00, 00, 00, 75, 15, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 2A, F3... 
[+]

Entropy:

6.7325

Code size:

591.5 KB (605,696 bytes)

The file installerhelper.dll has been discovered within the following program.

IB Updater 2.0.0.530 by Perion Network Ltd.

The IB (IncrediBar) Updater Service is designed to keep the Perion IncrediBar web browser toolbar (and other related products) up to date. The IB Updater Service runs in the background and periodically connects to the IncrediBar servers.

www.incredibar.com

80% remove it

Remove installerhelper.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.