» Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll
Overview
Analysis
File Details
Programs (1)

Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll

VERISTAFF.COM LTD

This is part of the Linkury/SnapDo monetization software, a web browser toolbar used to hijack a user's search in order to collect revenues. The SmartBar is a a potentially unwanted toolbar and Windows Gadget that is advertising supported (adware). The module Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll by VERISTAFF.COM has been detected as adware by 5 anti-malware scanners. This file is typically installed with the program SafeFinder Smartbar by Linkury Ltd. which is a potentially unwanted software program.

File name:

Publisher:

VERISTAFF.COM LTD (signed and verified)

Version:

1.2.0.0

MD5:

74a54dc17dea0e274cd25d3d3e2e6416

SHA-1:

e5e747120b40c44b759d719333cfb3fdb553f851

SHA-256:

fa8ff8f2550da1fb0cdbac5b89f85386bfbb329d3ba390885f2864689b5f6049

Scanner detections:

5 / 68

Status:

Adware

Analysis date:

4/26/2024 1:51:29 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

APPL/Linkury.Gen2

7.11.189.70

AVG

Generic

2015.0.3277

G Data

Win32.Application.Linkury

14.11.24

Reason Heuristics

PUP.VERISTAFFCOM.p

14.12.4.0

VIPRE Antivirus

Threat.4783962

35088

File size:

47.5 KB (48,656 bytes)

Product version:

1.2.0.0

Original file name:

Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\smartbar\application\smartbar.resources.socialnetssharer.xmlserializers.dll

Digital Signature

Signed by:

VERISTAFF.COM LTD

Authority:

COMODO CA Limited

Valid from:

9/15/2014 8:00:00 AM

Valid to:

9/16/2015 7:59:59 AM

Subject:

CN=VERISTAFF.COM LTD, OU=514841295, O=VERISTAFF.COM LTD, STREET=Shenkar 14, L=Hertzlya, S=TLV, PostalCode=4672514, C=IL

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2AF13BF1274B91869E8E8BA9B16282CA

File PE Metadata

Compilation timestamp:

11/19/2014 10:17:12 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:Z2LvmVsIcSOPdGpY+SEcDqX3pjIybnYPLP6Ma56Prik:ZnbcRg6ZEcDqX3pjIybS9aUrik

Entry address:

0x86BE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

4.5275

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

28 KB (28,672 bytes)

The file Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll has been discovered within the following programs.

SafeFinder Smartbar by Linkury Ltd.

SafeFinder displays advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of search-related ads, banner and video ads, and text-links (roll-overs) as well as some popup ads.

www.linkury.com/faq/s/faq.aspx?company=SafeFinder

67% remove it

Remove Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.