» sense-buttonutil64.dll
Overview
Analysis
File Details
Programs (1)

sense-buttonutil64.dll

Morgan Enter Mode

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module sense-buttonutil64.dll by Morgan Enter Mode has been detected as adware by 6 anti-malware scanners. This file is typically installed with the program Sense by Object Browser which is a potentially unwanted software program. The ButtonUtil module (64-bit version) uses the Crossrider web extension platform and will perform a number of helper integration on the user's web browser's as well as the Window's Shell in order to install the addon. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

Publisher:

Morgan Enter Mode (signed and verified)

MD5:

bbb85de340e68c07dec821fe991a1688

SHA-1:

b79956032c3ff3c59b6ab867c23f8a2beeb65418

SHA-256:

03c5a66d6bf2b1ec127f5916556d462f780f352c49cac181ecad512aaadba6af

Scanner detections:

6 / 68

Status:

Adware

Explanation:

Part of the Crossrider toolbar platform. Distributed through the Brightcircle investments brand.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Morgan Enter Mode.

Analysis date:

4/25/2024 6:42:19 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Morgan

2015.0.3311

Baidu Antivirus

Adware.Win64.Crossrider

4.0.3.141025

Fortinet FortiGate

Adware/Adwapper

10/25/2014

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

14.0.0.3048

McAfee

Artemis!BBB85DE340E6

5600.6967

Reason Heuristics

PUP.Crossrider.MorganEnterMode.S

14.10.25.10

File size:

472.9 KB (484,256 bytes)

File type:

Dynamic link library (Win64 DLL)

Common path:

C:\Program Files\sense\sense-buttonutil64.dll

Digital Signature

Signed by:

Morgan Enter Mode

Authority:

COMODO CA Limited

Valid from:

8/28/2014 5:00:00 AM

Valid to:

8/29/2015 4:59:59 AM

Subject:

CN=Morgan Enter Mode, O=Morgan Enter Mode, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E247EA066029B70533C15792B60ED4D8

File PE Metadata

Compilation timestamp:

10/14/2014 12:39:03 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:sceQ8JLXHQ38E9qqOWEYyaM9jWFoevZKnVNOeQD7Tm1Y0Vzx7+xTzTB6bTexy3IE:rk/vVsi17X7+1zTQbTewN7cAv

Entry address:

0x2EC1C

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 7F, A7, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 30, 01, 04, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Entropy:

6.2428

Code size:

313 KB (320,512 bytes)

The file sense-buttonutil64.dll has been discovered within the following program.

Sense by Object Browser

Sense is a potentially unwanted web browser extension that will attempt to modify the user's home and search page settings as well as display advertisements in the browser. The software will attach to IE, Chrome and Firefox.

85% remove it

Remove sense-buttonutil64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.