» lemurleap.ieupdate.dll
Overview
Analysis
File Details

lemurleap.ieupdate.dll

Lemurleap

This is the Internet Explorer add-on for the Yontoo Lemurleap branded web browser plugin (injects banner, text-link and popup ads). The component is responisble for registering the Browser Helper Object into IE and keeping it registered. The module lemurleap.ieupdate.dll by Lemurleap has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

Lemurleap (signed and verified)

Version:

1.0.5454.19040

MD5:

10b101ef778b5d656cdf0aef83031067

SHA-1:

647eee4a6096141788c3bab608f5334fcf5eb3ee

SHA-256:

70332e9ae83dbaabf8e13ce764bb88c64b9904372752f2fe53bf446c64aa0bf2

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Part of the Yontoo distributed ad-supported web browser add-on for Internet Explorer.

Analysis date:

4/20/2024 4:28:15 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Yontoo.Lemurleap (M)

16.2.13.4

File size:

655.9 KB (671,656 bytes)

Product version:

1.0.5454.19040

Original file name:

LemurLeap.IEUpdate2014120718.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\Program Files\lemurleap\bin\plugins\lemurleap.ieupdate.dll

Digital Signature

Signed by:

Lemurleap

Authority:

COMODO CA Limited

Valid from:

5/7/2014 4:00:00 AM

Valid to:

5/8/2015 3:59:59 AM

Subject:

CN=Lemurleap, O=Lemurleap, STREET=10620 Treena Street Suite 230, L=San Diego, S=Ca, PostalCode=92131, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

015F3E368C995EC152965B1AABC50D9E

File PE Metadata

Compilation timestamp:

12/7/2014 10:34:44 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:gR2H/CPbJGKhni1yalpor5lEUjH13iywS92BeZpxBK2jNoUlo4:zH/CPbznl8por/RjHQy4qU2jNoK

Entry address:

0xA3F8E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.8248

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

648 KB (663,552 bytes)

Remove lemurleap.ieupdate.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.