IEBHO.dll

IEHelper Module

MusicLab LLC

The module IEBHO.dll by MusicLab has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘UrlHelper Class’. This file is typically installed with the program MediaBar by Musiclab, LLC which is a potentially unwanted software program.
Publisher:
MusicLab, LLC  (signed by MusicLab LLC)

Product:
IEHelper Module

Description:
IEHelper

Version:
1.0.0.0

MD5:
b2f6a287ca4f7a377c8baf7ae53e6562

SHA-1:
b9cfbe628d43cd4244a2bff6c4091daf3e61ce1f

SHA-256:
74c8668afeb3279a578ae35281c479fd493968b62c937d6d6d911fcf1d3829c8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 11:32:55 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.BHO.MusicLab.F
14.10.17.14

File size:
382.9 KB (392,112 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (c) 2005 - 2010

Original file name:
IEBHO.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\bearshare applications\mediabar\datamngr\iebho.dll

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/27/2010 8:00:00 PM

Valid to:
5/28/2011 7:59:59 PM

Subject:
CN=MusicLab LLC, OU=SECURE APPLICATION DEVELOPMENT, O=MusicLab LLC, L=New York, S=New York, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
420322A094ED9B312AA248555D789C37

File PE Metadata
Compilation timestamp:
6/6/2010 9:37:49 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:ZMJNIZdfY2RmFGb8CICYJdJ6KJTtnh74mxAoDPrHJ+f9GKt:ZMJNIZdfY2fYjCYJdJvtnh7hxpDzHJ+P

Entry address:
0x2ED2B

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B9, 7D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 14, A1, 14, 69, 05, 10, 33, C5, 89, 45, FC, 53, 56, 33, DB, 57, 8B, F1, 39, 1D, 34, 81, 05, 10, 75, 38, 53, 53, 33, FF, 47, 57, 68, 08, B5, 04, 10, 68, 00, 01, 00, 00, 53, FF, 15, A8, 81, 04, 10, 85, C0, 74, 08, 89, 3D, 34, 81, 05, 10, EB, 15, FF, 15, 34, 80, 04, 10, 83, F8, 78, 75, 0A, C7, 05, 34, 81, 05, 10, 02, 00, 00, 00, 39, 5D, 14, 7E...
 
[+]

Entropy:
6.5559

Code size:
283 KB (289,792 bytes)

Internet Explorer BHO
CLSID:
{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}

CLSID name:
UrlHelper Class


The file IEBHO.dll has been discovered within the following programs.

MediaBar  by Musiclab, LLC
Musiclab MediaBar (Visicom Media Inc) is an ad-supported (users may see additional banner, search, pop-up, pop-under, interstitial and in-text link advertisements) cross web browser plugin for Internet Explorer (BHO) and Firefox/Chrome (plugin) and distributed through various monitization platforms during installation.
www.bearshare.com
68% remove it
 
Powered by Should I Remove It?

Remove IEBHO.dll - Powered by Reason Core Security