boosti.dll

Boost

Boost Shopping

The module boosti.dll (described by its publisher as “Boost is an application designed to help you compare products and prices while you shop online.”) by Boost Shopping has been detected as adware by 2 anti-malware scanners.
Publisher:
Boost Shopping  (signed and verified)

Product:
Boost

Description:
Boost is an application designed to help you compare products and prices while you shop online.

Version:
4.0.3.6

MD5:
ed3d7c1c41d5849eca98c4e83a76c0ed

SHA-1:
e4e6d5c4916ad09bf518e8b78df62c64e4d38b33

SHA-256:
b4bf75ec3baff4fdfd6c7b47d88209d4cd6c219361a51de3c641644e361d8671

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
5/18/2024 1:04:46 AM UTC

Scan engine | Detection | Engine version
Malwarebytes | PUP.Optional.Boost.A | v2015.06.12.03
Reason Heuristics | PUP.BoostShopping | 15.6.11.21

File size:
445.9 KB (456,592 bytes)

Product version:
4.0.3.6

Copyright:
(C) 2015 Boost Shopping. All right reserved.

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\boost\boosti.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
5/12/2015 8:00:00 PM

Valid to:
8/11/2016 7:59:59 PM

Subject:
CN=Boost Shopping, O=Boost Shopping, L=Bellevue, S=Washington, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
56BE18B038839D1B74FAC83C3F051C21

File PE Metadata
Compilation timestamp:
6/10/2015 4:17:47 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:CwREqHhkNxzx6eypJeGZmu/hOcyfAO/AOUNTBRoT9N2F:f+NFx6ecA2yfdWNTfoxM

Entry address:
0x165EA

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, C7, A7, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 10, 5B, 06, 10, E8, E7, 4E, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 8C, 91, 06, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 60, 18, 05, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...

Entropy:
6.5424

Developed / compiled with:
Microsoft Visual C++

Code size:
295 KB (302,080 bytes)
