sidb.dll

sipb

PINWID LTD

The module sidb.dll by PINWID has been detected as adware by 2 anti-malware scanners.
Publisher:
Microsoft  (signed by PINWID LTD)

Product:
sipb

Version:
1.2.0.0

MD5:
dada9ac1af09cfb199dbac1f8c56285e

SHA-1:
349c7e5f7c1cf5ede3c9b775951d9e4607f9ea9a

SHA-256:
6b07a7615df2c43e1c10106d7be813bb4e12e135f8b14aa47a8275cd49bad44f

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
3/24/2014 2:48:32 AM UTC  (eight months ago)

Scan engine
Detection
Engine version

AVG
MalSign.Pindi
2015.0.3526

Reason Heuristics
PUP.PINWID.E
14.3.13.22

File size:
37.5 KB (38,432 bytes)

Product version:
1.2.0.0

Copyright:
Copyright © Linkury Inc. 2009

Original file name:
sidb.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\users\user\appdata\local\smartbar\application\sidb.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/4/2014 7:00:00 PM

Valid to:
2/5/2015 6:59:59 PM

Subject:
CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata
Compilation timestamp:
2/25/2014 4:49:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:XaM/O9y/O9U/O9Z/O9IGEyW48a8I3VnJHWMEl:XaMDL0SW48a8kRsl

Entry address:
0x9186

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 00, 00, 0C, 00...
 
[+]

Entropy:
7.1049

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
28.5 KB (29,184 bytes)

There are 10 known variations of sidb.dll by Microsoft.

3 / 68      (Adware)
sidb.dll  1.2.0.0  (adb61d7b787d1ba5df5832c59ab3c5649d0ff26f)

3 / 68      (Adware)
sidb.dll  1.2.0.0  (8c49d33ebe66a334e773157606f7cc44541cc934)

2 / 68      (Adware)
sidb.dll  1.2.0.0  (4bc66bc351f41833933dbbb072c8d798d086ba9c)

3 / 68      (Adware)
sidb.dll  1.2.0.0  (5ed4d27ebe25deb5f86f56b6ac9151b48da5bd51)

3 / 68      (Adware)
sidb.dll  1.2.0.0  (177cafdfd699b896fd46e06de0bfa8a248e94f1b)

2 / 68      (Adware)
sidb.dll  1.2.0.0  (0d8964f39940a53110436e3f9aaad0899b79ceb3)

3 / 68      (Adware)
sidb.dll  1.2.0.0  (78e0825e2d6637dd54a0624ee02f8580ac441a7a)

2 / 68      (Adware)
sidb.dll  1.2.0.0  (3e0015816408fb2eb70740585dd7861f2a20c7eb)

2 / 68      (Adware)
sidb.dll  1.2.0.0  (8552f3e02c8df2a636757cbc973c23bb50a38bd1)

1 / 68      (Adware)
sidb.dll  1.2.0.0  (5ad20cc1decdf1a787a846a7b35434485d06e31b)

3 / 68      (Adware)
Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll  (21d49e9805934b5ae0504df0a96ad24fa865434d)

3 / 68      (Adware)
Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll  (b92e561b04eb777ea1cb6fdc30274eafcd315384)

Detection Incidence by Country