» RewardsArcade.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

RewardsArcade.dll

RewardsArcade

Amazing Apps

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module RewardsArcade.dll, “RewardsArcade BHO” by Amazing Apps has been detected as adware by 19 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘CrossriderApp0000498’. This file is typically installed with the program RewardsArcade by 215 Apps which is a potentially unwanted software program. This web browser addon will display additional advertisements in the user's browser including popup, banner, contextual hyperlinks as well as affiliate links.

File name:

RewardsArcade.dll

Publisher:

215 Apps (signed by Amazing Apps)

Product:

RewardsArcade

Description:

RewardsArcade BHO

Version:

1.1.149.83

MD5:

ecbafbc62f0ed497aff72e4f9f7f8b52

SHA-1:

34731b5942d391258d4e7b271c291a693506ccb5

SHA-256:

6530264b57dab3d580e055f52d79a1a472e6b0506b4662ed124f7ad5d49b7f86

Scanner detections:

19 / 68

Status:

Adware

Explanation:

Browser extension that injects additional advertisements (banner and text links) on web pages.

Analysis date:

4/29/2024 4:56:39 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.VidSaver.1

1150

Bitdefender

Gen:Variant.Adware.VidSaver.1

1.0.20.1200

Boost by Reason

Optional.BHO.AmazingApps.N

188838

Comodo Security

ApplicUnwnt

17490

Dr.Web

Adware.Bho.3849

9.0.1.0240

Emsisoft Anti-Malware

Gen:Variant.Adware.VidSaver

8.13.08.28.03

ESET NOD32

Win32/Toolbar.CrossRider

7.9190

F-Secure

Gen:Variant.Adware.VidSaver.1

11.2013-27-11_4

G Data

Gen:Variant.Adware.VidSaver

13.8.22

herdProtect (fuzzy)

variant of i want this.dll (Adware)

2013.12.20.17

IKARUS anti.virus

Win32.SuspectCrc

t3scan.2.2.29

K7 AntiVirus

Unwanted-Program

13.174.10609

McAfee

Artemis!ECBAFBC62F0E

5600.7181

MicroWorld eScan

Gen:Variant.Adware.VidSaver.1

14.0.0.720

Reason Heuristics

PUP.BHO.AmazingApps.N

14.8.7.17

Sophos

AppRider

4.96

Trend Micro House Call

TROJ_GEN.R0CBH0AI613

7.2.240

VIPRE Antivirus

GamePlayLabs

24690

ViRobot

Trojan.Win32.A.Downloader.489472.BID

2011.4.7.4223

File size:

481.9 KB (493,440 bytes)

Product version:

1.1.149.83

Original file name:

RewardsArcade.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\rewardsarcade\rewardsarcade.dll

Digital Signature

Signed by:

Amazing Apps

Authority:

Thawte, Inc.

Valid from:

4/30/2012 5:00:00 PM

Valid to:

5/1/2013 4:59:59 PM

Subject:

CN=Amazing Apps, O=Amazing Apps, L=Philadelphia, S=Pennsylvania, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

2E307885017928B61D4F2CEF5EB10A05

File PE Metadata

Compilation timestamp:

3/20/2012 3:44:30 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:GjIoLRn9cLrFMiHhWtsV+6L22GjDghJ+GGYpC+73JAuFJM23sDVBsEot:uFnWLreghWtx8XGjDOTGYp5AxVBsEm

Entry address:

0x29E47

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, D8, 7D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, A5, C5, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, 90, C4, 06, 10, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18... 
[+]

Entropy:

6.5903

Code size:

341 KB (349,184 bytes)

Internet Explorer BHO

Display name:

CrossriderApp0000498

CLSID:

{11111111-1111-1111-1111-110011041198}

CLSID name:

RewardsArcade

The file RewardsArcade.dll has been discovered within the following program.

RewardsArcade by 215 Apps

RewardsArcade by 215 Apps (Awesome Apps / Red Online Marketing Group LP) is a Browser Helper Object installed into Internet Explorer that monitors web pages for possible affiliate merchant partners.

www.50onred.com

82% remove it

Remove RewardsArcade.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.