home

64boost.dll

Boost Shopping

The module 64boost.dll, “Boost is an application designed to help you compare products and prices while you shop online.” by Boost Shopping has been detected as adware by 3 anti-malware scanners.
Publisher:
Boost  (signed by Boost Shopping)

Product:
Boost

Description:
Boost is an application designed to help you compare products and prices while you shop online.

Version:
3.0.1.5

MD5:
81a1dbfd4a2906445188bf64ccd3f447

SHA-1:
363fbba865a024ec65b88957a4e7b9ffb8248c04

SHA-256:
a69827f46b4c874fa9f1db1ec4b75786f9aace65cc520f265c851e1510c67d8f

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
5/21/2024 8:27:35 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Shopper.920
9.0.1.05190

Malwarebytes
PUP.Optional.Boost.A
v2015.06.12.03

Reason Heuristics
PUP.BoostShopping
15.6.11.21

File size:
542.9 KB (555,952 bytes)

Product version:
3.0.1.5

Copyright:
(C) 2014 Boost Shopping. All right reserved.

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\boost\64boost.dll

Digital Signature
Signed by:
Boost Shopping

Authority:
Symantec Corporation

Valid from:
5/12/2015 8:00:00 PM

Valid to:
8/11/2016 7:59:59 PM

Subject:
CN=Boost Shopping, O=Boost Shopping, L=Bellevue, S=Washington, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
56BE18B038839D1B74FAC83C3F051C21

Registration
CLSID:
{2299856A-6506-42E3-A34F-CD35A47C1B19}

ProgID:
Boost.BoostBho.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
6/10/2015 4:25:04 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:CYeVPuHvVsq/IDad/+eQEv+LCKMRYQT14jwfOsfNtCbMrUjf09uRKPkrMQspKzoZ:CYeoH9sC8ad/+E+3MnsqNQspKzoZ

Entry address:
0x2CF5C

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 53, BC, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 48, F7, D9, 48, A9, 07, 00, 00, 00, 74, 0F, 66, 90, 8A, 10, 48, FF, C0, 84, D2, 74, 5F, A8, 07, 75, F3, 49, B8, FF, FE, FE, FE, FE, FE, FE, 7E, 49, BB, 00, 01, 01...
 
[+]

Entropy:
5.9489

Code size:
269 KB (275,456 bytes)

Remove 64boost.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.