» senses-buttonutil.dll
Overview
Analysis
File Details
Programs (1)

senses-buttonutil.dll

Morgan Enter Mode

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module senses-buttonutil.dll by Morgan Enter Mode has been detected as adware by 14 anti-malware scanners. This file is typically installed with the program Senses by Krance Development which is a potentially unwanted software program. The ButtonUtil module (32-bit version) uses the Crossrider web extension monetization toolkit and will perform a number of helper integration activities on the user's web browser's as well as the Window's Shell in order to install the addon. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.

File name:

Publisher:

Morgan Enter Mode (signed and verified)

MD5:

d12e16f5fe985de68acd0523ddb6b7ff

SHA-1:

b41689564e46d0383850603eebf4a8f14e50b1c2

SHA-256:

4a9bf35be59772a726528520c5291934a00c7149a7bd6f84bd80ebfbb319c89c

Scanner detections:

14 / 68

Status:

Adware

Explanation:

Part of the Crossrider toolbar platform.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Morgan Enter Mode.

Analysis date:

4/26/2024 7:28:16 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

PUP/Win32.CrossRider

2014.10.22

Avira AntiVirus

Adware/Agent.CrossRider.BD

7.11.181.44

AVG

Morgan

2015.0.3308

Baidu Antivirus

Adware.NSIS.Adwapper

4.0.3.141027

Dr.Web

DLOADER.Trojan

9.0.1.0300

ESET NOD32

Win32/Toolbar.CrossRider.BD (variant)

8.10618

Fortinet FortiGate

Adware/Adwapper

12/22/2014

K7 AntiVirus

Unwanted-Program

13.185.13805

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

14.0.0.3037

McAfee

Artemis!D12E16F5FE98

5600.6964

NANO AntiVirus

Trojan.Win32.Agent.dhaxvo

0.28.2.62841

Qihoo 360 Security

HEUR/QVM30.1.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP.Crossrider.MorganEnterMode.R

14.10.27.13

Sophos

Generic PUA MC

4.98

File size:

360.4 KB (369,056 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\senses\senses-buttonutil.dll

Digital Signature

Signed by:

Morgan Enter Mode

Authority:

COMODO CA Limited

Valid from:

8/28/2014 2:00:00 AM

Valid to:

8/29/2015 1:59:59 AM

Subject:

CN=Morgan Enter Mode, O=Morgan Enter Mode, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E247EA066029B70533C15792B60ED4D8

File PE Metadata

Compilation timestamp:

10/20/2014 9:34:47 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:UCtSdP1Z2lu+6Nqa297eTBwg9YhgexfTLJ:UUSdP1Z2lqqa2leT+g0/TLJ

Entry address:

0x24E83

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 01, 9A, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 98, 70, 04, 10, E8, 0E, 36, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 28, F1, 04, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 90, 04, 04, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

235 KB (240,640 bytes)

The file senses-buttonutil.dll has been discovered within the following program.

Senses by Krance Development

Senses is a web browser extension that uses the CrossRider toolbar framework in order to inject display advertising in the user's browser.

83% remove it

Remove senses-buttonutil.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.