home

SuperSocket.ClientEngine.Protocol.dll

SuperSocket ClientEngine

Hike Zone Plus

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The module SuperSocket.ClientEngine.Protocol.dll, “SuperSocket.ClientEngine.Protocol for .NET 2.0” by Hike Zone Plus has been detected as adware by 5 anti-malware scanners. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
SuperSocket  (signed by Hike Zone Plus)

Product:
SuperSocket ClientEngine

Description:
SuperSocket.ClientEngine.Protocol for .NET 2.0

Version:
0.3.0.0

MD5:
2b05671eabbbaa67a3325fcaad013cf8

SHA-1:
b1958754bd393c11251fc0649f7a82834c6b8698

SHA-256:
c5be459b9451965ee66f774425c86f1e923b5d386045e359e7528f10d407fd48

Scanner detections:
5 / 68

Status:
Adware

Analysis date:
4/18/2024 12:33:01 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2015.0.3272

IKARUS anti.virus
PUA.Plush
t3scan.1.7.8.0

nProtect
Trojan-Clicker/W32.Agent.19864
14.09.18.01

Reason Heuristics
PUP.HikeZonePlus.FF
14.9.20.20

Vba32 AntiVirus
Trojan.GoogUpdate
3.12.26.3

File size:
19.4 KB (19,864 bytes)

Product version:
0.3.0.0

Copyright:
Copyright © clientengine.codeplex.com 2012

Original file name:
SuperSocket.ClientEngine.Protocol.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\totalplus01-3.1v17.09\supersocket.clientengine.protocol.dll

Digital Signature
Signed by:
Hike Zone Plus

Authority:
COMODO CA Limited

Valid from:
8/19/2014 3:00:00 AM

Valid to:
8/20/2015 2:59:59 AM

Subject:
CN=Hike Zone Plus, O=Hike Zone Plus, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7DF4D8EF200BAB292519E3CF5597AD86

File PE Metadata
Compilation timestamp:
4/11/2014 5:22:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:EH0K1XmogLQQkmW8GdaO6cWmgLq08ul8bd:kXm/n6dkmgLq0abd

Entry address:
0x51CE

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 10, 00, 00, 00, 18, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 30, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 48, 00, 00, 00, 58, 60, 00, 00, 44, 04...
 
[+]

Entropy:
5.9585

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
12.5 KB (12,800 bytes)

Remove SuperSocket.ClientEngine.Protocol.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.