home

jumpflip.ffupdate.dll

Jump Flip

FFUpdate is the Mozilla Firefox plugin manager for the Jump Flip branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module jumpflip.ffupdate.dll by Jump Flip has been detected as adware by 21 anti-malware scanners. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
Jump Flip  (signed and verified)

Version:
1.0.5608.8137

MD5:
583ca453ba458b384a3ca9983e8e214d

SHA-1:
b428d757400f58edeb486595165dbee86763ce49

SHA-256:
3406bba52d6c2566c222b813a1a779decab7ae3e9003089233c9207de7edf389

Scanner detections:
21 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:
4/26/2024 7:59:07 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.BrowseFox.BJ
5970718

avast!
Win32:BrowseFox-DZ [PUP]
150319-1

Baidu Antivirus
Adware.MSIL.BrowseFox
4.0.3.15511

Bitdefender
Adware.BrowseFox.BJ
1.0.20.655

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Trojan.Yontoo.1734
9.0.1.05190

Emsisoft Anti-Malware
Adware.BrowseFox.BJ
9.0.0.4799

ESET NOD32
MSIL/BrowseFox.L potentially unwanted (variant)
9.11605

F-Prot
W32/S-a387f519
v6.4.7.1.166

F-Secure
Adware.BrowseFox.BJ
5.13.68

G Data
Adware.BrowseFox.BJ
15.5.25

K7 AntiVirus
Adware
13.203.15861

McAfee
Program.BrowseFox-FUT
17.6.569.0

MicroWorld eScan
Adware.BrowseFox.BJ
16.0.0.393

NANO AntiVirus
Riskware.Win32.BPlug.djpkri
0.30.24.1357

nProtect
Adware.BrowseFox.BJ
15.05.08.01

Panda Antivirus
Trj/CI.A
15.05.11.12

Quick Heal
Adware.Updater.A3
5.15.14.00

Reason Heuristics
Adware.Yontoo.JumpFlip
15.5.10.19

Sophos
Generic PUA LE
4.98

VIPRE Antivirus
Threat.4741131
39486

File size:
589.3 KB (603,424 bytes)

Product version:
1.0.5608.8137

Original file name:
JumpFlip.FFUpdate2015051012.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\jump flip\bin\plugins\jumpflip.ffupdate.dll

Digital Signature
Signed by:
Jump Flip

Authority:
VeriSign, Inc.

Valid from:
8/21/2013 5:00:00 PM

Valid to:
8/22/2015 4:59:59 PM

Subject:
CN=Jump Flip, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Jump Flip, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
144CF0B61216826C7F439B5C91A6ABD6

File PE Metadata
Compilation timestamp:
5/10/2015 5:31:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:D793Z7gP1N+Odfhm0UPeHP60l8yHIZo+Yj6eb2sNPowlf3NWcsG1Cq:DvsP1CNiT8oy89b28p3YtQv

Entry address:
0x932AA

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.4592

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
581 KB (594,944 bytes)

Remove jumpflip.ffupdate.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.