lemurleapbaapp.dll

Lemurleap

This file is part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module lemurleapbaapp.dll by Lemurleap has been detected as adware by 23 anti-malware scanners. It plugs into the web browser and displays context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Remove lemurleapbaapp.dll - Powered by Reason Core Security
Publisher:
Lemurleap  (signed and verified)

MD5:
7893a8a08bdf310d84bd0e7af3367fa9

SHA-1:
ee0d58b284244d4baf8eebd4c1523ce99e85c6de

SHA-256:
3bfcd067a8e31fff81b640b8823bb289a96f770595944eaa9d13345aef710879

Scanner detections:
23 / 68

Status:
Adware

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
12/7/2016 7:38:29 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Adware.SwiftBrowse.P | 969 |
| Agnitum Outpost | PUA.Agent | 7.1.1 |
| Avira AntiVirus | APPL/BrowseFox.Gen | 7.11.154.60 |
| Antiy Labs AVL | GrayWare[AdWare:not-a-virus]/Win32.Agent | 1.0.0.1 |
| AVG | Lemurleap | 2015.0.3447 |
| Baidu Antivirus | Adware.Win32.BrowseFox | 4.0.3.14610 |
| Bitdefender | Adware.SwiftBrowse.P | 1.0.20.805 |
| Comodo Security | Application.Win32.AltBrowse.AKB | 18503 |
| Dr.Web | Trojan.BPlug.79 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Adware.SwiftBrowse.P | 8.14.06.10.03 |
| ESET NOD32 | Win32/BrowseFox.I potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/MegaBrowse.A | 4.6.5.141 |
| F-Secure | Adware.SwiftBrowse.P | 11.2014-10-06_3 |
| G Data | Adware.SwiftBrowse | 14.6.24 |
| Jiangmin | Adware/Agent.knw | KV140610 |
| McAfee | Artemis!7893A8A08BDF | 5600.7103 |
| McAfee Web Gateway | Artemis!7893A8A08BDF | 7.7103 |
| MicroWorld eScan | Adware.SwiftBrowse.P | 15.0.0.483 |
| NANO AntiVirus | Riskware.Win32.Agent.czxzwg | 0.28.0.60253 |
| nProtect | Adware.SwiftBrowse.P | 14.06.10.01 |
| Reason Heuristics | PUP.Lemurleap.O | 14.8.7.21 |
| Vba32 AntiVirus | AdWare.Agent | 3.12.26.0 |
| VIPRE Antivirus | Threat.4150696 | 30086 |

File size:
178.9 KB (183,208 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\lemurleap\bin\lemurleapbaapp.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/7/2014 2:00:00 AM

Valid to:
5/8/2015 1:59:59 AM

Subject:
CN=Lemurleap, O=Lemurleap, STREET=10620 Treena Street Suite 230, L=San Diego, S=Ca, PostalCode=92131, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
015F3E368C995EC152965B1AABC50D9E

File PE Metadata
Compilation timestamp:
4/30/2014 1:20:18 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:g0iHuOPsHW1DezTNt9mVbBoi0+DYCzLAnbLDQ6pCO+uE8:g0EgzTNSdui0+Udn/DQ6IOvE8

Entry address:
0xF6DC

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 48, 75, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, A0, 25, 02, 10, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 18, 20, 02, 10, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, D8, 20, 02, 10, 57, FF, 35...
 

Entropy:
6.5437

Code size:
129.5 KB (132,608 bytes)
