joshProtocolOutlookAddIn.taskpane.dll

josh Protocol! Outlook Add-Inn

IT Consult

The module joshProtocolOutlookAddIn.taskpane.dll, “josh Protocol! Outllok Add-in Taskpane” by IT Consult has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
IT Consult  (signed and verified)

Product:
josh Protocol! Outlook Add-Inn

Description:
josh Protocol! Outllok Add-in Taskpane

Version:
4.3.0.0

MD5:
973e87ba6d1fde9474975748356aed0b

SHA-1:
e6068547ed5cf3a10c96ef8d3f0af8583e87c793

SHA-256:
e2f28d446663b455f31a66e083099309ddcf141f89d4ed174efeb7dbb26ede52

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/23/2024 3:21:07 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonetize (M)
16.11.30.17

File size:
733.4 KB (750,992 bytes)

Product version:
4.3.0.0

Copyright:
Copyright © it Consult 2014

Original file name:
joshProtocolOutlookAddIn.taskpane.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\assembly\dl3\omrnng1z.51b\dtawnlhl.l56\88d8e6b2\004ce5b4_8818d101\joshprotocoloutlookaddin.taskpane.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
6/11/2015 2:00:00 AM

Valid to:
7/11/2016 1:59:59 AM

Subject:
CN=IT Consult, O=IT Consult, L=Fermignano, S=Pesaro e Urbino, C=IT

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
61F7EF0A7B558B6BEB54449ABFC0146E

File PE Metadata
Compilation timestamp:
11/6/2015 12:45:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:4O11111FcxJqk4KxAsAEgxDT1Vxk2bG35o5p5mabU5TfrzMIvEXY/m/Z5XAqP26n:IJ+KxNkD+35oL5maY5TfrzYXYIT/y8fH

Entry address:
0xB6EAE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
724 KB (741,376 bytes)

Remove joshProtocolOutlookAddIn.taskpane.dll - Powered by Reason Core Security