» platamoose.FFUpdate.dll
Overview
Analysis
File Details

platamoose.FFUpdate.dll

platamoose

FFUpdate is the Mozilla Firefox plugin manager for the platamoose branded Yontoo adware browser platform. The component is designed to install and keep Firefox connected to the adware updater. The module platamoose.FFUpdate.dll by platamoose has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

platamoose (signed and verified)

Version:

1.0.5392.35177

MD5:

4c81f17909be17149dcd079c57733463

SHA-1:

c8472f58d3af806a025f8d37575131bd54dbe7b6

SHA-256:

0cbfbd8496c7f22532974978f9d705239c21d478114421668b13cf8e76319684

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Part of the Yontoo distributed ad-supported web browser plugin for Firefox.

Analysis date:

5/21/2024 2:09:45 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Yontoo (M)

17.2.27.17

File size:

544.3 KB (557,344 bytes)

Product version:

1.0.5392.35177

Original file name:

platamoose.FFUpdate.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\platamoose\bin\plugins\platamoose.ffupdate.dll

Digital Signature

Signed by:

platamoose

Authority:

DigiCert Inc

Valid from:

6/9/2014 2:00:00 AM

Valid to:

6/17/2015 2:00:00 PM

Subject:

CN=platamoose, O=platamoose, L=Santa Monica, S=California, C=US

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

056AAEB43A8F6D3F3C94473962C61E96

File PE Metadata

Compilation timestamp:

10/7/2014 5:32:37 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

.NET CLR dependent:

Yes

Entry address:

0x87DFA

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 6F, 00, 00, 00, 3C, 7E, 08, 00, 3C, 60, 08, 00, 52, 53, 44, 53, 3A, A9, 5B, FF, 87, 0C, AD, 44, 8B, DD, 4C, 48, BD, EB, CB, 2F, 01, 00, 00, 00, 44, 3A, 5C, 55, 74, 69, 6C, 69, 74, 69, 65, 73, 5C, 62, 65, 68, 77, 74, 6B, 31, 35, 2E, 78, 35, 6E, 5C, 44, 65, 73, 6B, 74, 6F, 70, 5C, 44, 65, 73, 6B... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

536 KB (548,864 bytes)

Remove platamoose.FFUpdate.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.