» surftastic.browserfilter.helper.dll
Overview
Analysis
File Details
Programs (1)

surftastic.browserfilter.helper.dll

Surftastic

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The module surftastic.browserfilter.helper.dll by Surftastic has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Surftastic by Yontoo Technology, Inc. which is a potentially unwanted software program.

File name:

Publisher:

Surftastic (signed and verified)

MD5:

39ac796e1a6f9a072e4a61e2e227065c

SHA-1:

4c0223d7cf3f64e671c345ede64a71044de9e2ca

SHA-256:

2a736d3fb120ed5fb353e42a6c50571288a52ffbc5b8c3569621d8ebcc7fee9f

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Belongs to the Sambreel/Yontoo progam that inserts various forms of advertising in the user's web browser, installed with minimal or no user consent.

Analysis date:

4/26/2024 5:29:51 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Yontoo.Surftastic (M)

16.1.15.2

File size:

388.8 KB (398,112 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\surftastic\surftastic.browserfilter.helper.dll

Digital Signature

Signed by:

Surftastic

Authority:

VeriSign, Inc.

Valid from:

1/3/2014 7:00:00 AM

Valid to:

1/4/2015 6:59:59 AM

Subject:

CN=Surftastic, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Surftastic, L=San Diego, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

117C1C381BA3522C50659E614BB20D99

File PE Metadata

Compilation timestamp:

4/3/2014 3:36:31 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:3RLdBzWsg2wx/LuLK0qc2t1SsRb28G+fjxpzwZ/Nep54m2dUi8+O4Asi7T25lVO:hLdHsLejCJ128GexpM1e4lpOcCT2BO

Entry address:

0x1A2DA

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F5, 61, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, D4, 05, 10, 89, 0D, 3C, D4, 05, 10, 89, 15, 38, D4, 05, 10, 89, 1D, 34, D4, 05, 10, 89, 35, 30, D4, 05, 10, 89, 3D, 2C, D4, 05, 10, 66, 8C, 15, 58, D4, 05, 10, 66, 8C, 0D, 4C, D4, 05, 10, 66, 8C, 1D, 28, D4, 05, 10, 66, 8C, 05, 24, D4, 05, 10, 66, 8C, 25, 20, D4, 05, 10, 66, 8C, 2D, 1C, D4, 05, 10, 9C, 8F, 05, 50, D4... 
[+]

Entropy:

4.9091

Code size:

174 KB (178,176 bytes)

The file surftastic.browserfilter.helper.dll has been discovered within the following program.

Surftastic by Yontoo Technology, Inc.

This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.

surftastic.net/support

80% remove it

Remove surftastic.browserfilter.helper.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.