» LemurLeap.CompatibilityChecker.dll
Overview
Analysis
File Details

LemurLeap.CompatibilityChecker.dll

Lemurleap

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module LemurLeap.CompatibilityChecker.dll by Lemurleap has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

Lemurleap (signed and verified)

Version:

1.0.5355.20991

MD5:

2d73a9de73e381a4c9efdec1e82487ac

SHA-1:

932d336ea248b03d02bb2713e2dd968c35fed561

SHA-256:

c4c988d593369ee9d09c19546a49962ce2e585b7c10dd9d29949db62ea4baea7

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Belongs to the Sambreel/Yontoo progam that inserts various forms of advertising in the user's web browser, installed with minimal or no user consent.

Analysis date:

4/24/2024 1:10:45 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Yontoo.Lemurleap (M)

16.2.15.14

File size:

56.9 KB (58,280 bytes)

Product version:

1.0.5355.20991

Original file name:

LemurLeap.CompatibilityChecker.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\Program Files\lemurleap\bin\plugins\lemurleap.compatibilitychecker.dll

Digital Signature

Signed by:

Lemurleap

Authority:

COMODO CA Limited

Valid from:

5/7/2014 2:00:00 AM

Valid to:

5/8/2015 1:59:59 AM

Subject:

CN=Lemurleap, O=Lemurleap, STREET=10620 Treena Street Suite 230, L=San Diego, S=Ca, PostalCode=92131, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

015F3E368C995EC152965B1AABC50D9E

File PE Metadata

Compilation timestamp:

8/30/2014 2:39:49 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:ERkAtNop8ki+DgEv4wWqee1yeYFL1ezRLXl+zRHVOlL0iY1ST2dPhOusp8ah9v3i:kY8J+zzVJ9vd7BFCv

Entry address:

0xE36E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0691

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

49 KB (50,176 bytes)

Remove LemurLeap.CompatibilityChecker.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.