» sense-buttonutil.exe
Overview
Analysis
File Details
Programs (1)

sense-buttonutil.exe

Sense

Morgan Enter Mode

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application sense-buttonutil.exe by Morgan Enter Mode has been detected as adware by 36 anti-malware scanners. This file is typically installed with the program Sense by Object Browser which is a potentially unwanted software program. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.

File name:

Publisher:

Object Browser (signed by Morgan Enter Mode)

Product:

Sense

Description:

Sense exe

Version:

1000.1000.1000.1000

MD5:

bc661a5555a34f311210101061c00a8a

SHA-1:

210121638427346fc43121fe101b8d418a458be5

SHA-256:

95c633e304269ff277a46124097b2552c14393da3a2ede9d0e9292c885987a71

Scanner detections:

36 / 68

Status:

Adware

Explanation:

Part of the Crossrider toolbar platform. It will download and install new code and Javascript updates for the extension.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Morgan Enter Mode.

Analysis date:

4/19/2024 6:02:33 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.153935

797

AhnLab V3 Security

PUP/Win32.CrossRider

2014.10.15

Avira AntiVirus

Adware/CrossRider.pq

7.11.177.204

avast!

Win32:Adware-gen [Adw]

2014.9-141025

AVG

Morgan

2015.0.3311

Baidu Antivirus

Adware.NSIS.Adwapper

4.0.3.141025

Bitdefender

Gen:Variant.Graftor.153935

1.0.20.1665

Bkav FE

W32.InjectAdwaredDwnA1.PE

1.3.0.4959

Comodo Security

ApplicUnwnt

19693

Dr.Web

Trojan.Crossrider.36036

9.0.1.0333

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.153935

8.14.11.29.10

ESET NOD32

Win32/Toolbar.CrossRider.AA (variant)

8.10402

Fortinet FortiGate

Adware/Adwapper

11/29/2014

F-Prot

W32/A-145080a0

v6.4.7.1.166

F-Secure

Gen:Variant.Graftor.153935

11.2014-29-11_7

G Data

Win32.Adware.Crossrider

14.11.24

IKARUS anti.virus

not-a-virus:AdWare.Adwapper

t3scan.1.7.8.0

K7 AntiVirus

Unwanted-Program

13.183.13642

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

14.0.0.3048

Malwarebytes

PUP.Optional.Sense.A

v2014.10.25.10

McAfee

Artemis!1C64E1862AA6

5600.6967

Microsoft Security Essentials

Threat.Undefined

1.179.1221.0

MicroWorld eScan

Gen:Variant.Graftor.153935

15.0.0.999

NANO AntiVirus

Riskware.Win32.Crossrider.dfhotl

0.28.2.62440

nProtect

Virus/W32.SpyEye

14.07.27.01

Panda Antivirus

Trj/Genetic.gen

14.10.25.10

Qihoo 360 Security

HEUR/Malware.QVM10.Gen

1.0.0.1015

Quick Heal

AdWare.NSIS.r5 (Not a Virus)

11.14.14.00

Reason Heuristics

PUP.Crossrider.MorganEnterMode.Q

14.10.25.10

Rising Antivirus

PE:Malware.Obscure!1.9C59

23.00.65.141023

Sophos

Generic PUA GO

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10207

Trend Micro House Call

TROJ_GEN.F47V1207

7.2.333

Vba32 AntiVirus

AdWare.Adwapper

3.12.26.3

VIPRE Antivirus

Threat.4789396

33706

Zillya! Antivirus

Trojan.GoogUpdate.Win32.2671

2.0.0.1941

File size:

287.9 KB (294,816 bytes)

Product version:

1000.1000.1000.1000

Original file name:

Sense.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\sense\sense-buttonutil.exe

Digital Signature

Signed by:

Morgan Enter Mode

Authority:

COMODO CA Limited

Valid from:

8/28/2014 5:00:00 AM

Valid to:

8/29/2015 4:59:59 AM

Subject:

CN=Morgan Enter Mode, O=Morgan Enter Mode, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E247EA066029B70533C15792B60ED4D8

File PE Metadata

Compilation timestamp:

10/14/2014 12:40:13 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:eDE+IyX+Ul4bswBRDQG/QVDVp89JMrbD2ZRXLWL5LM+NzJWjcPxnVAOg+h6:eDE5giDBuVTrH2nC14S9WjgFn6

Entry address:

0x1F8E5

Entry point:

E8, 9C, 93, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 60, 22, 44, 00, E8, 35, 27, 00, 00, E8, 4B, 16, 00, 00, 0F, B7, F0, 6A, 02, E8, 2F, 93, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 3F, 2D, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.3529

Code size:

211.5 KB (216,576 bytes)

The file sense-buttonutil.exe has been discovered within the following program.

Sense by Object Browser

Sense is a potentially unwanted web browser extension that will attempt to modify the user's home and search page settings as well as display advertisements in the browser. The software will attach to IE, Chrome and Firefox.

85% remove it

Remove sense-buttonutil.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.