» senses-buttonutil64.dll
Overview
Analysis
File Details
Programs (1)

senses-buttonutil64.dll

Berta Brid Eco

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module senses-buttonutil64.dll by Berta Brid Eco has been detected as adware by 7 anti-malware scanners. This file is typically installed with the program Senses by Krance Development which is a potentially unwanted software program. The ButtonUtil module (64-bit version) uses the Crossrider web extension platform and will perform a number of helper integration on the user's web browser's as well as the Window's Shell in order to install the addon. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

Publisher:

Berta Brid Eco (signed and verified)

MD5:

10ec7dda7ce9208e7c384ca28d3ad781

SHA-1:

1be456ae4060c57c9ba42b135a320ba659a21809

SHA-256:

004fcc38108aa161b68dce948e886aacfa520ee75e14c19ef86b6d449bf2bfa8

Scanner detections:

7 / 68

Status:

Adware

Explanation:

Part of the Crossrider toolbar platform. Distributed through the Brightcircle investments brand.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Berta Brid Eco.

Analysis date:

5/4/2024 2:10:13 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

Adware/CrossRider.pq

7.11.173.134

AVG

Generic

2015.0.3335

herdProtect (fuzzy)

variant of thetorntv v10-buttonutil64.dll (Adware)

2014.12.3.21

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

14.0.0.3172

Panda Antivirus

Trj/Chgt.G

14.09.30.04

Qihoo 360 Security

Win32/Virus.Adware.970

1.0.0.1015

Reason Heuristics

PUP.Crossrider.BertaBridEco.T

14.9.21.12

File size:

477.9 KB (489,368 bytes)

File type:

Dynamic link library (Win64 DLL)

Common path:

C:\Program Files\senses\senses-buttonutil64.dll

Digital Signature

Signed by:

Berta Brid Eco

Authority:

COMODO CA Limited

Valid from:

8/14/2014 2:00:00 AM

Valid to:

8/15/2015 1:59:59 AM

Subject:

CN=Berta Brid Eco, O=Berta Brid Eco, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00EF48FE90F98CEC7AF0FDEECC0B376D44

File PE Metadata

Compilation timestamp:

9/19/2014 12:02:52 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:TtCnIJPTAnKCpwLJN350WKM99eW6/giyCVpuKF33MxGRhOwTW/3jPMRSOTB/zfDn:6iE3dh8QhI/TPMMOTZzfjYb0

Entry address:

0x2F18C

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, EF, A9, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, E0, 0B, 04, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Code size:

317 KB (324,608 bytes)

The file senses-buttonutil64.dll has been discovered within the following program.

Senses by Krance Development

Senses is a web browser extension that uses the CrossRider toolbar framework in order to inject display advertising in the user's browser.

83% remove it

Remove senses-buttonutil64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.