» jumpflipbaapp.dll
Overview
Analysis
File Details

jumpflipbaapp.dll

Jump Flip

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module jumpflipbaapp.dll by Jump Flip has been detected as adware by 22 anti-malware scanners. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.

File name:

jumpflipbaapp.dll

Publisher:

Jump Flip (signed and verified)

MD5:

aeb91b6cf8821e7f4b62c6660cf08561

SHA-1:

db8d09d9df2d2b9683d5b7411ab43d3c397e4142

SHA-256:

0ad984f4922132c64b015ba32a73144b5fcd9625e5b143053727ee7b331cd31c

Scanner detections:

22 / 68

Status:

Adware

Explanation:

Injects advertising in the web browser in various formats.

Analysis date:

4/19/2024 7:47:21 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.BrowseFox.BJ

6456100

Agnitum Outpost

Trojan.BPlug

7.1.1

avast!

Win32:BrowseFox-B [PUP]

150319-1

AVG

Webpade

2016.0.3063

Baidu Antivirus

Adware.Win32.BrowseFox

4.0.3.15325

Bitdefender

Adware.BrowseFox.BJ

1.0.20.420

Dr.Web

Trojan.BPlug.80

9.0.1.084

Emsisoft Anti-Malware

Adware.BrowseFox.BJ

9.0.0.4799

ESET NOD32

Win32/BrowseFox.N potentially unwanted application

7.0.302.0

F-Secure

Adware.BrowseFox.BJ

5.13.68

G Data

Adware.BrowseFox.BJ

15.3.25

herdProtect (fuzzy)

variant of webspadesbaapp.dll (Adware)

2015.6.30.3

IKARUS anti.virus

PUA.BrowseFox

t3scan.1.8.6.0

K7 AntiVirus

Trojan

13.202.15375

MicroWorld eScan

Adware.BrowseFox.BJ

16.0.0.252

NANO AntiVirus

Trojan.Win32.BPlug.dfwpda

0.30.8.659

Reason Heuristics

PUP.Yontoo

15.3.25.8

Sophos

Browse Fox

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Downloader

9976

Vba32 AntiVirus

AdWare.Agent

3.12.26.3

VIPRE Antivirus

Adware.SwiftBrowse

29740

Zillya! Antivirus

Adware.Agent.Win32.11438

2.0.0.2115

File size:

185.3 KB (189,728 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\jump flip\bin\jumpflipbaapp.dll

Digital Signature

Signed by:

Jump Flip

Authority:

VeriSign, Inc.

Valid from:

8/22/2013 1:00:00 AM

Valid to:

8/23/2015 12:59:59 AM

Subject:

CN=Jump Flip, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Jump Flip, L=Santa Monica, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

144CF0B61216826C7F439B5C91A6ABD6

File PE Metadata

Compilation timestamp:

5/15/2014 3:14:43 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:YHBOYYfG54ksqSKFB4vCuk9yuS7kQ6q84SxcyHG0FSDdfNTksmPi:YHBOYqMGvCh9G7B6q84JyHJF4lQRi

Entry address:

0x10A26

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 28, 72, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, D0, 35, 02, 10, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 2C, 30, 02, 10, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64... 
[+]

Code size:

135 KB (138,240 bytes)

Remove jumpflipbaapp.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.