joshProtocolOutlookAddIn.Entities.dll

josh Protocol! Outlook Add-in

IT Consult

The module joshProtocolOutlookAddIn.Entities.dll, “josh Protocol! Outlook Add-in Entities” by IT Consult has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
IT Consult  (signed and verified)

Product:
josh Protocol! Outlook Add-in

Description:
josh Protocol! Outlook Add-in Entities

Version:
4.3.0.0

MD5:
7dd55ddc020204324d48d70e3083ae0c

SHA-1:
d7fb24970a27b7210b74aa18d15a6d2c5d981fb0

SHA-256:
8b6500c98790cec181e71180e0424285d54578de238abce1c5aad4e3c1c44bb4

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/23/2024 3:21:10 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonetize (M)
16.11.30.17

File size:
20.9 KB (21,392 bytes)

Product version:
4.3.0.0

Copyright:
Copyright © it Consult 2014

Original file name:
joshProtocolOutlookAddIn.Entities.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\assembly\dl3\omrnng1z.51b\dtawnlhl.l56\edf17044\009820b0_8818d101\joshprotocoloutlookaddin.entities.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
6/11/2015 2:00:00 AM

Valid to:
7/11/2016 1:59:59 AM

Subject:
CN=IT Consult, O=IT Consult, L=Fermignano, S=Pesaro e Urbino, C=IT

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
61F7EF0A7B558B6BEB54449ABFC0146E

File PE Metadata
Compilation timestamp:
10/1/2015 12:31:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:+/Gt1/CBfSqcza+LTEkXb6enXBp1nYPLVcEXSwjg:D/Mf6rfXBp1gcqSw8

Entry address:
0x4C5E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
11.5 KB (11,776 bytes)

Remove joshProtocolOutlookAddIn.Entities.dll - Powered by Reason Core Security