home

dmm_plugin_installer.exe

DMM.com Co.,Ltd.

This is the uninstaller utility registered in the Windows Control Panel for the program DMMGamesPlugin. The file has been seen being downloaded from ic.3b879652.089164.1.dmmolgclg.loris.llnwd.net and multiple other hosts.
Publisher:
DMM.com Co.,Ltd.  (signed and verified)

MD5:
921b67d107052333f02d070f6e042008

SHA-1:
47c459888b3168693cdbb898f9899077f59339b2

SHA-256:
5f3d2362ca4aa4680352cbe677e57937cfd44d19696fd40b5e6b6053cec12532

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 9:56:47 AM UTC  (today)

File size:
318.8 KB (326,480 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dmm_plugin_installer.exe

Digital Signature
Signed by:
DMM.com Co.,Ltd.

Authority:
Symantec Corporation

Valid from:
7/1/2015 9:00:00 AM

Valid to:
7/2/2016 8:59:59 AM

Subject:
CN="DMM.com Co.,Ltd.", OU=SystemTeam, O="DMM.com Co.,Ltd.", L=Shibuya-ku, S=Tokyo, C=JP

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0D6AA2C749335268893062A7A028E750

File PE Metadata
Compilation timestamp:
12/26/2014 3:10:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:nv80nK7GiPElvfqpuhmu+2Ri2UpMKySWnqxkZIJBAKtcT:nvRK7Gislbmu+2gdGAWnekZmiKtcT

Entry address:
0xD9CE

Entry point:
E8, 7E, 1D, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 79, FD, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, 74, 1A, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 40, F8, 41, 00, 74, 12, 8B, 0D, F8, F5, 41, 00, 85, 48, 70, 75, 07, E8, 6D, 27, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, 00, F5, 41, 00, 74, 16, 8B, 46, 08, 8B, 0D, F8, F5, 41, 00, 85, 48, 70, 75, 08, E8, CC, 1F, 00, 00, 89, 46, 04, 8B, 46, 08, F6, 40, 70, 02, 75...
 
[+]

Entropy:
6.5959

Code size:
95.5 KB (97,792 bytes)

Program Uninstaller
Program name:
DMMGamesPlugin

Uninstall string:
C:\Dmmgames\Common\Plugin\dmm_plugin_installer.exe /uninstall


The file dmm_plugin_installer.exe has been seen being distributed by the following 3 URLs.

http://ic.3b879652.089164.1.dmmolgclg.loris.llnwd.net/.../dmm_plugin_installer.exe

http://ic.7e7c3aeb.089164.1.dmmolgclg.loris.llnwd.net/.../dmm_plugin_installer.exe

http://dl.client-netgame.dmm.com/.../dmm_plugin_installer.exe

Scan dmm_plugin_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.