Interop.IWshRuntimeLibrary.dll

Assembly imported from type library 'IWshRuntimeLibrary'.

Bright circle investments Ltd.

This adware utilizes the Crossrider extension platform and will inject advertisiments in the Internet browser and may modify core browser settings. Ads will be delivered as banners and contextual text-links and may promote other potentially unwanted software. Interop.IWshRuntimeLibrary.dll is the library is an interop assembly of the IWshRuntimeLibrary and is recompiled by Bright circle investments Ltd.. The file Interop.IWshRuntimeLibrary.dll, re-signed by Bright circle investments Ltd., is an Interop assembly that has been intergated by a 3rd-party into a .Net application, even though the assembly itself is most likely safe, it has been recompiled by a potentially unwanted program. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.
Publisher:
Bright circle investments Ltd.  (signed and verified)

Product:
Assembly imported from type library 'IWshRuntimeLibrary'.

Version:
1.0.0.0

MD5:
50b750bbf8cabb68974ba0b7b2215acb

SHA-1:
55ba498989e31a0a0d770baaf3877acb9a3988fe

SHA-256:
662d834cc029d04eadea9be6a07de9105c0a383dcbf3e0a690cdaeac9b6171a4

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is the library is an interop assembly of the IWshRuntimeLibrary. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
12/25/2024 6:11:13 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Brightcircle (M)
17.3.15.6

File size:
50.1 KB (51,256 bytes)

Product version:
1.0.0.0

Original file name:
Interop.IWshRuntimeLibrary.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\hq-v1.8\interop.iwshruntimelibrary.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/20/2014 2:00:00 AM

Valid to:
6/21/2015 1:59:59 AM

Subject:
CN=Bright circle investments Ltd., O=Bright circle investments Ltd., STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4347D0F2AD67F1767C932B3BFBEA7713

File PE Metadata
Compilation timestamp:
5/29/2014 11:17:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0xA83E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
36 KB (36,864 bytes)

Remove Interop.IWshRuntimeLibrary.dll - Powered by Reason Core Security