Newtonsoft.Json.dll

Json.NET

Space Battleship Creative

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. Newtonsoft.Json.dll is the assembly provides support for JSON parsing for .NET applications and is recompiled by Space Battleship Creative. The module Newtonsoft.Json.dll, “Json.NET .NET 2.0” by Space Battleship Creative has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.
Publisher:
Newtonsoft  (signed by Space Battleship Creative)

Product:
Json.NET

Description:
Json.NET .NET 2.0

Version:
6.0.3.17227

MD5:
37d2cee0e199a0865058cd88ee6b9d55

SHA-1:
87954024acc80e9d503ba2f2197179a0682c0248

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is the assembly provides support for JSON parsing for .NET applications. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
5/27/2020 12:33:42 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Brightcircle (M)
17.3.16.12

File size:
483.9 KB (495,536 bytes)

Product version:
6.0.3.17227

Copyright:
Copyright © James Newton-King 2008

Original file name:
Newtonsoft.Json.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\hq video pro 1.6v17.11\newtonsoft.json.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
10/20/2014 1:00:00 AM

Valid to:
10/21/2015 12:59:59 AM

Subject:
CN=Space Battleship Creative, O=Space Battleship Creative, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F7CD27D419D6D6EBEEE61F75941D1DA4

File PE Metadata
Compilation timestamp:
4/27/2014 4:12:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0x7930E

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.8777

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
477 KB (488,448 bytes)

Remove Newtonsoft.Json.dll - Powered by Reason Core Security