» mysearchdialapp.dll.mal
Overview
Analysis
File Details
Programs (1)

mysearchdialapp.dll.mal

Montera Technologeis LTD

This is part of the Montera web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The file mysearchdialapp.dll.mal by Montera Technologeis has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Mysearchdial by installCore which is a potentially unwanted software program.

File name:

Publisher:

Montera Technologeis LTD (signed and verified)

MD5:

4ea900c6f4fe80a4829d0ce9ea824145

SHA-1:

334af69d901f93e530d9aba10706f8dbe76883c8

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/26/2024 10:38:08 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Montiera.Montera (M)

16.1.31.11

File size:

300.9 KB (308,120 bytes)

Common path:

C:\Program Files\mysearchdial\mysearchdialapp.dll.mal

Digital Signature

Signed by:

Montera Technologeis LTD

Authority:

COMODO CA Limited

Valid from:

5/28/2012 5:30:00 AM

Valid to:

5/29/2013 5:29:59 AM

Subject:

CN=Montera Technologeis LTD, O=Montera Technologeis LTD, STREET="18, Amammi st", L=Even Yehuda, S=Hasharon, PostalCode=40500, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

361B49E5431DD304CA32589D28E4DD3C

File PE Metadata

Compilation timestamp:

5/12/2013 1:54:20 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:1NaOmJaBHeJC6n/OiV9nPRs+iYQ8rYxJU2Iv3PB:+XJaBHyRnWifnPRkYQ8rYxJU2SPB

Entry address:

0x2175F

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 1E, 61, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, C1, 8B, 4D, 08, C7, 00, F0, 6B, 03, 10, 8B, 09, 89, 48, 04, C6, 40, 08, 00, 5D, C2, 08, 00, 8B, 41, 04, 85, C0, 75, 05, B8, F8, 6B, 03, 10, C3, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 57, 8B, F9, 74, 2D, 56, FF, 75, 08, E8, 6D, 56, 00, 00, 8D, 70, 01, 56, E8, ED, E8, FF, FF, 59, 59, 89, 47, 04, 85, C0, 74, 11, FF, 75, 08, 56, 50, E8, E9, EA, FF, FF... 
[+]

Entropy:

6.3505

Code size:

207 KB (211,968 bytes)

The file mysearchdialapp.dll.mal has been discovered within the following program.

Mysearchdial by installCore

Mysearchdial is an ad-supported (users may see additional banner, search, pop-up, pop-under, interstitial and in-text link advertisements) cross web browser plugin for Internet Explorer (BHO) and Firefox/Chrome (plugin) and distributed through various monetization platforms during installation.

www.mysearchdial.com

84% remove it

Remove mysearchdialapp.dll.mal - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.