video mediaplayer-bho.dll

video MediaPlayer

Bright circle investments Ltd.

This adware uses the Crossrider extension platform to inject advertisements into the Internet browser and may modify core browser settings. Ads are delivered as banners and contextual text links and may promote other potentially unwanted software. The module video mediaplayer-bho.dll, “video MediaPlayer BHO” by Bright circle investments, has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.

This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of using a traditional IE toolbar, it installs a BHO in the browser to manage the functionality of the add-on. It is part of the Brightcircle group of web extensions that inject advertisements in the browser.

Publisher:
enter  (signed by Bright circle investments Ltd.)

Product:
video MediaPlayer

Description:
video MediaPlayer BHO

Version:
1.1.153.22

MD5:
38292afbf020624c57e020f3ed7a054b

SHA-1:
94a1ed544a220621729903a7da4034495b77f48e

SHA-256:
70b965839725698face55e203a5bb3b5272ce66484a75832a057ae8ee6f6b5b5

Scanner detections:
1 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider owns a platform that enables developers to create cross-browser extensions, but it is not the owner of this detected application. The owner/publisher of this file is Bright circle investments Ltd.

Analysis date:
9/30/2020 6:05:20 AM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
Adware.Crossrider.Brightcircle (M)

Engine version:
16.4.6.1

File size:
552.5 KB (565,744 bytes)

Product version:
1.1.153.22

Copyright:
Copyright 2011

Original file name:
video MediaPlayer.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\video mediaplayer\video mediaplayer-bho.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/19/2014 8:00:00 AM

Valid to:
6/20/2015 7:59:59 AM

Subject:
CN=Bright circle investments Ltd., O=Bright circle investments Ltd., STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EF90FEF9AC8E258E5D30D0E08C84D37E

File PE Metadata
Compilation timestamp:
6/22/2014 6:08:45 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:TTLW4jWEmLTiuZXxxsG5zePhc/iT/m+7Et9okM:T/WnfT91xxsG2hc6TxYTokM

Entry address:
0x3E2B8

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 7C, B3, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 48, 7F, 07, 10, E8, B9, 30, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, A8, E9, 07, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 80, 90, 06, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 

Entropy:
6.5696

Developed / compiled with:
Microsoft Visual C++

Code size:
377 KB (386,048 bytes)
