» sense-bho.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

sense-bho.dll

Sense

Armageddon Labs (BrightCircle Investments Limited)

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module sense-bho.dll by Armageddon Labs (BrightCircle Investments Limited) has been detected as adware by 26 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘8ccd3a1057764b7ca4c3b0c2740d87960069059’. This file is typically installed with the program Sense by Object Browser which is a potentially unwanted software program. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, it installs a BHO in the browser in order to manage the functionality of the addon. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.

File name:

sense-bho.dll

Publisher:

Object Browser (signed by Armageddon Labs (BrightCircle Investments Limited))

Product:

Sense

Description:

Sense BHO

Version:

1000.1000.1000.1000

MD5:

8ea394908e83412d4996f6eb0b84a0db

SHA-1:

38c08a5c11964acfc23d2bc47b444219ac221717

SHA-256:

1ca80bf9d82a12978c74f9ece640c62a5335739fb1ae57cd5a591bb800aa1c48

Scanner detections:

26 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Armageddon Labs (BrightCircle Investments Limited).

Analysis date:

4/26/2024 12:51:33 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Application.Heur.Qy9@kalUmjei

6213306

AhnLab V3 Security

PUP/Win32.CrossRider

2014.12.20

Avira AntiVirus

ADWARE/CrossRider.Gen

7.11.196.150

AVG

Generic

2015.0.3253

Baidu Antivirus

PUA.Win32.CrossRider

4.0.3.141223

Bitdefender

Gen:Application.Heur.Qy9@kalUmjei

1.0.20.1780

Dr.Web

Trojan.Crossrider.48032

9.0.1.0357

Emsisoft Anti-Malware

Gen:Application.Heur.Qy9@kalUmjei

9.0.0.4668

ESET NOD32

Win32/Toolbar.CrossRider.BA potentially unwanted application

7.0.302.0

Fortinet FortiGate

Riskware/CrossRider

1/4/2015

F-Prot

W32/S-1c75a14c

v6.4.7.1.166

F-Secure

Riskware.Gen:Application.Heur.Qy9@kalUmjei

5.13.68

G Data

Gen:Application.Heur.Qy9@kalUmjei

14.12.24

Kaspersky

not-a-virus:WebToolbar.Win32.CrossRider

15.0.0.543

Malwarebytes

PUP.Optional.Sense.A

v2014.12.22.05

McAfee

Artemis!4A026764D176

5600.6895

MicroWorld eScan

Gen:Application.Heur.Qy9@kalUmjei

15.0.0.1068

NANO AntiVirus

Trojan.Win32.Crossrider.dleomw

0.30.0.64448

Norman

Gen:Application.Heur.Qy9@kalUmjei

04.12.2014 14:30:06

Panda Antivirus

Trj/Genetic.gen

14.12.22.05

Qihoo 360 Security

Win32/Application.d1c

1.0.0.1015

Reason Heuristics

PUP.CrossRider.BHO.J

15.1.4.17

Rising Antivirus

PE:Malware.Obscure!1.9C59

23.00.65.141220

Sophos

Generic PUA LD

4.98

VIPRE Antivirus

Crossrider

35840

Zillya! Antivirus

Adware.CrossRider.Win32.734

2.0.0.2021

File size:

684 KB (700,384 bytes)

Product version:

1000.1000.1000.1000

Original file name:

Sense.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\sense\sense-bho.dll

Digital Signature

Signed by:

Armageddon Labs (BrightCircle Investments Limited)

Authority:

COMODO CA Limited

Valid from:

12/1/2014 1:00:00 AM

Valid to:

12/2/2015 12:59:59 AM

Subject:

CN=Armageddon Labs (BrightCircle Investments Limited), O=Armageddon Labs (BrightCircle Investments Limited), STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00C5692390E715129E144F950D09DA6E8A

File PE Metadata

Compilation timestamp:

12/21/2014 12:33:14 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:jiipNVul+/S9hmGg2h0OXxjtKYPVySOlufmGTtbzVhW0g:GipNVuAKX5h0OXxjtKIUufpTBVI0g

Entry address:

0x5C594

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 5D, C9, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 58, 82, 09, 10, E8, ED, 49, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 28, D3, 09, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, B4, A1, 08, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

509.5 KB (521,728 bytes)

Internet Explorer BHO

Display name:

8ccd3a1057764b7ca4c3b0c2740d87960069059

CLSID:

{11111111-1111-1111-1111-110611901159}

CLSID name:

Sense

The file sense-bho.dll has been discovered within the following program.

Sense by Object Browser

Sense is a potentially unwanted web browser extension that will attempt to modify the user's home and search page settings as well as display advertisements in the browser. The software will attach to IE, Chrome and Firefox.

85% remove it

Remove sense-bho.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.