» SurftasticBrowserFilter.exe
Overview
Analysis
File Details
Programs (2)

SurftasticBrowserFilter.exe

Surftastic

Installed as part of the Yontoo Surftastic branded web browser extension, the BrowserFilter component is responsible for injecting advertising in the browser based on the context of the HTML being rendered. Ads are injected in the browser in the form of inline text, coupons, multi-site searching and additional offers. The application SurftasticBrowserFilter.exe by Surftastic has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including Surftastic by Yontoo Technology, Inc. and Buzzdock by Alactro LLC, both potentially unwanted software.

File name:

Publisher:

Surftastic (signed and verified)

Version:

0.0.0.0

MD5:

2f118992f410fab55f5c92ce6351cadd

SHA-1:

d5404ee75bd655d7d6536ec019cf7194ee39c4d8

SHA-256:

58376743164a5ede559782e68fbfc85c506f82d234809fc91f02f18a53e621d0

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Part of the Yontoo ad injection web browser add-on.

Analysis date:

4/20/2024 1:35:07 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Yontoo.Surftastic (M)

16.2.13.20

File size:

41.3 KB (42,272 bytes)

Product version:

0.0.0.0

Original file name:

SurftasticBrowserFilter.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\surftastic\surftasticbrowserfilter.exe

Digital Signature

Signed by:

Surftastic

Authority:

VeriSign, Inc.

Valid from:

1/3/2014 5:30:00 AM

Valid to:

1/4/2015 5:29:59 AM

Subject:

CN=Surftastic, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Surftastic, L=San Diego, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

117C1C381BA3522C50659E614BB20D99

File PE Metadata

Compilation timestamp:

2/4/2014 3:44:20 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

768:GEEFM5CXFl1jIW3C6Xi++O+dJ7LVYN/g8pR:1EFM4XPyWTo/J7LI/gmR

Entry address:

0x9FFE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0335

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

32.5 KB (33,280 bytes)

The file SurftasticBrowserFilter.exe has been discovered within the following programs.

Buzzdock by Alactro LLC

This is a web browser extension that injects advertising. From the EULA: "Buzzdock is free to download and use. Buzzdock is supported by advertising, and users will see additional ads on websites where Buzzdock features operate.

www.buzzdock.com/faq-support

79% remove it

Surftastic by Yontoo Technology, Inc.

This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.

surftastic.net/support

80% remove it

Remove SurftasticBrowserFilter.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.