home

jumpflip.ieupdate.dll

Jump Flip

This is the Internet Explorer add-on for the Yontoo Jump Flip branded web browser plugin (injects banner, text-link and popup ads). The component is responisble for registering the Browser Helper Object into IE and keeping it registered. The module jumpflip.ieupdate.dll by Jump Flip has been detected as adware by 18 anti-malware scanners. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
Jump Flip  (signed and verified)

Version:
1.0.5460.24199

MD5:
edd0f8f38c13d4473cb2992ecee27b73

SHA-1:
9465720c335571dce16e483130ef4690526e889f

SHA-256:
8c6f987bf312e9eee3e58f4331d9672d9685457366b4c2c92e596dcfa44bbc0d

Scanner detections:
18 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser add-on for Internet Explorer.

Analysis date:
4/24/2024 1:00:49 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.BrowseFox.BJ
6460213

Avira AntiVirus
ADWARE/BrowseFox.Gen7
7.11.205.142

avast!
Win32:BrowseFox-DZ [PUP]
150126-0

Baidu Antivirus
Adware.MSIL.BrowseFox
4.0.3.15127

Bitdefender
Adware.BrowseFox.BJ
1.0.20.135

Emsisoft Anti-Malware
Adware.BrowseFox.BJ
9.0.0.4799

ESET NOD32
MSIL/BrowseFox.L potentially unwanted application
7.0.302.0

F-Prot
W32/S-cfdb2970
v6.4.7.1.166

F-Secure
Adware.BrowseFox.BJ
5.13.68

G Data
Adware.BrowseFox.BJ
15.1.25

IKARUS anti.virus
PUA.MSIL.BrowseFox
t3scan.1.8.6.0

K7 AntiVirus
Adware
13.192.14775

McAfee
BrowseFox-FUT
5600.6872

MicroWorld eScan
Adware.BrowseFox.BJ
16.0.0.81

nProtect
Adware.BrowseFox.BJ
15.01.27.01

Qihoo 360 Security
Win32/Virus.Adware.708
1.0.0.1015

Reason Heuristics
Adware.Yontoo.JumpFlip
15.1.27.20

VIPRE Antivirus
Threat.4741131
36666

File size:
658.3 KB (674,080 bytes)

Product version:
1.0.5460.24199

Original file name:
JumpFlip.IEUpdate2014121321.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\jump flip\bin\plugins\jumpflip.ieupdate.dll

Digital Signature
Signed by:
Jump Flip

Authority:
VeriSign, Inc.

Valid from:
8/22/2013 9:30:00 AM

Valid to:
8/23/2015 9:29:59 AM

Subject:
CN=Jump Flip, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Jump Flip, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
144CF0B61216826C7F439B5C91A6ABD6

File PE Metadata
Compilation timestamp:
12/14/2014 7:56:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:fPv9cAJXvu5Q9XGSGP579ep7SI0MMcxLVc5JcUVOY6ty6OgjLxXXoCU:V9vu5eG/hpUSXxcLbkD6w6JXXoCU

Entry address:
0xA477E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8194

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
650 KB (665,600 bytes)

Remove jumpflip.ieupdate.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.