home

SuperSocket.ClientEngine.Core.dll

SuperSocket ClientEngine

Hike Zone Plus

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module SuperSocket.ClientEngine.Core.dll, “SuperSocket.ClientEngine.Core for .NET 2.0” by Hike Zone Plus has been detected as adware by 13 anti-malware scanners. The library is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
SuperSocket  (signed by Hike Zone Plus)

Product:
SuperSocket ClientEngine

Description:
SuperSocket.ClientEngine.Core for .NET 2.0

Version:
0.3.0.0

MD5:
465f7c39635a6bdaeb40ec5820923807

SHA-1:
ab5db7157bf534301ec86b61289917d4172cb02f

SHA-256:
d7ae1cc9420ffc878fd54502e6dfe5fc7c479bdbd978c955c62e87123e2ce76e

Scanner detections:
13 / 68

Status:
Adware

Explanation:
May modify the web browser's settings including changing the homepage and search provider in addition to delivering ads (by injecting banner and text-links directly in the webpage). Distributed through the Brightcircle investments brand.

Analysis date:
4/24/2024 2:46:35 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Crossrider-Z [PUP]
141025-0

AVG
Generic
2015.0.3310

Clam AntiVirus
Win.Trojan.Googupdate-11
0.98/21411

ESET NOD32
Win32/Toolbar.CrossRider.BG (variant)
8.10610

IKARUS anti.virus
PUA.Plush
t3scan.1.7.8.0

Kaspersky
Trojan.NSIS.GoogUpdate
15.0.0.494

McAfee
Artemis!F11B6374F6DB
5600.6966

nProtect
Trojan-Clicker/W32.Agent.26520
14.10.15.01

Panda Antivirus
Trj/Chgt.I
14.10.25.05

Qihoo 360 Security
Win32/Trojan.93d
1.0.0.1015

Reason Heuristics
PUP.HikeZonePlus.BB
14.10.25.17

SUPERAntiSpyware
Trojan.Agent/Gen-GoogUpdate
10278

Vba32 AntiVirus
Trojan.GoogUpdate
3.12.26.3

File size:
25.9 KB (26,520 bytes)

Product version:
0.3.0.0

Copyright:
Copyright © clientengine.codeplex.com 2012

Original file name:
SuperSocket.ClientEngine.Core.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\high-d-v11v21.09\supersocket.clientengine.core.dll

Digital Signature
Signed by:
Hike Zone Plus

Authority:
COMODO CA Limited

Valid from:
8/18/2014 8:00:00 PM

Valid to:
8/19/2015 7:59:59 PM

Subject:
CN=Hike Zone Plus, O=Hike Zone Plus, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7DF4D8EF200BAB292519E3CF5597AD86

File PE Metadata
Compilation timestamp:
4/11/2014 10:22:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:Uu27nH/DYYxTFBA5Wuj6LV466g8qtBYo1gBul8v:UdhxTFBAkuugvv

Entry address:
0x6A2E

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7675

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
19 KB (19,456 bytes)

Remove SuperSocket.ClientEngine.Core.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.