» sense-bho.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

sense-bho.dll

Sense

Morgan Enter Mode

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module sense-bho.dll by Morgan Enter Mode has been detected as adware by 33 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘cb53b500f3e90131a6091fb939dcadf40061915’. This file is typically installed with the program Sense by Object Browser which is a potentially unwanted software program. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, it installs a BHO in the browser in order to manage the functionality of the addon. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

sense-bho.dll

Publisher:

Object Browser (signed by Morgan Enter Mode)

Product:

Sense

Description:

Sense BHO

Version:

1000.1000.1000.1000

MD5:

db7da746b74e14f180214688220870ec

SHA-1:

f596522469a0c1c81e9c80b78340330ef5c583da

SHA-256:

89e26ec9fe1bce8b0d33af86ff0a0eb351dfc54b3e5404607a9e623c26ce233a

Scanner detections:

33 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Morgan Enter Mode.

Analysis date:

4/25/2024 10:20:02 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.154097

826

Agnitum Outpost

PUA.Adwapper

7.1.1

AhnLab V3 Security

PUP/Win32.CrossRider

2014.10.13

Avira AntiVirus

Adware/CrossRider.pq

7.11.173.122

avast!

Win32:Crossrider-AA [PUP]

2014.9-141101

AVG

Morgan

2015.0.3304

Baidu Antivirus

PUA.Win32.CrossRider

4.0.3.14111

Bitdefender

Gen:Variant.Adware.Graftor.154097

1.0.20.1525

Comodo Security

ApplicUnwnt

19623

Dr.Web

DLOADER.Trojan

9.0.1.0305

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.154097

8.14.11.01.08

ESET NOD32

Win32/Toolbar.CrossRider.BA (variant)

8.10584

Fortinet FortiGate

W32/GoogUpdate.XQB!tr

11/1/2014

F-Prot

W32/A-60e5da54

v6.4.7.1.166

F-Secure

Gen:Variant.Adware.Graftor.154097

11.2014-01-11_7

G Data

Gen:Variant.Adware.Graftor.154097

14.11.24

IKARUS anti.virus

not-a-virus:WebToolbar.CroRi

t3scan.1.7.8.0

K7 AntiVirus

Unwanted-Program

13.183.13432

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

14.0.0.3013

Malwarebytes

PUP.Optional.Sense.A

v2014.11.01.08

McAfee

Artemis!DB7DA746B74E

5600.6960

MicroWorld eScan

Gen:Variant.Adware.Graftor.154097

15.0.0.915

NANO AntiVirus

Riskware.Win32.AdLoad.dcmlho

0.28.2.61721

Panda Antivirus

Trj/Genetic.gen

14.11.01.08

Qihoo 360 Security

HEUR/QVM30.1.Malware.Gen

1.0.0.1015

Quick Heal

AdWare.NSIS.r6 (Not a Virus)

11.14.14.00

Reason Heuristics

PUP.Crossrider.BHO.J

14.11.1.8

Rising Antivirus

PE:Malware.Obscure!1.9C59

23.00.65.141030

Sophos

Generic PUA PF

4.98

Trend Micro House Call

Suspicious_GEN.F47V0826

7.2.305

Vba32 AntiVirus

AdWare.Adwapper

3.12.26.3

VIPRE Antivirus

Crossrider

34054

Zillya! Antivirus

Adware.CrossRider.Win32.126

2.0.0.1927

File size:

636.9 KB (652,192 bytes)

Product version:

1000.1000.1000.1000

Original file name:

Sense.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\sense\sense-bho.dll

Digital Signature

Signed by:

Morgan Enter Mode

Authority:

COMODO CA Limited

Valid from:

8/28/2014 2:00:00 AM

Valid to:

8/29/2015 1:59:59 AM

Subject:

CN=Morgan Enter Mode, O=Morgan Enter Mode, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E247EA066029B70533C15792B60ED4D8

File PE Metadata

Compilation timestamp:

10/17/2014 9:34:54 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:MCODGiIP+4TsCuqYL7jKzFcFUkiM2TpIvXMK:MCGGiImVCIg6UkijT2L

Entry address:

0x49FC4

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 9D, B2, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 50, A2, 08, 10, E8, BD, 30, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 68, 15, 09, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, B4, A1, 07, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

443 KB (453,632 bytes)

Internet Explorer BHO

Display name:

cb53b500f3e90131a6091fb939dcadf40061915

CLSID:

{11111111-1111-1111-1111-110611191115}

CLSID name:

Sense

The file sense-bho.dll has been discovered within the following program.

Sense by Object Browser

Sense is a potentially unwanted web browser extension that will attempt to modify the user's home and search page settings as well as display advertisements in the browser. The software will attach to IE, Chrome and Firefox.

85% remove it

Remove sense-bho.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.