home

MediaInfo.dll

MediaInfo

Install Solution LTDA

This is part of the Somoto BetterInstaller, an installer that bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed without consent. The module MediaInfo.dll, “Convenient unified display of the most relevant technical and tag data for video and audio files” by Install SolutionA has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
MediaArea.net  (signed by Install Solution LTDA)

Product:
MediaInfo

Description:
Convenient unified display of the most relevant technical and tag data for video and audio files

Version:
0.7.67.0

MD5:
a37cd67360512f3500cb8c9611ec7485

SHA-1:
5a26a8611d9cdc903890e2800d631e4e4371d6eb

SHA-256:
01cdc00ec685cb71abd2dbd51ea346a1fbbf3804da0c364d11234c424c9cc350

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 11:25:45 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Somoto
15.2.14.11

File size:
3.2 MB (3,390,144 bytes)

Product version:
0.7.67.0

Copyright:
MediaArea.net

Original file name:
MediaInfo.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\syswow64\mediainfo.dll

Digital Signature
Signed by:
Install Solution LTDA

Authority:
Unizeto Technologies S.A.

Valid from:
1/31/2014 5:50:18 AM

Valid to:
1/31/2015 5:50:18 AM

Subject:
E=suporte@installsolution.com.br, CN="Open Source Developer, Install Solution LTDA", O=Install Solution LTDA, C=BR

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
5FA3F40AF30F88E29492DC309E9D0432

File PE Metadata
Compilation timestamp:
1/10/2014 4:45:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:9ye4N00GBdPbxfYCVreSS+KuGusCsAfWESjmq+QwyTOlb7U:slYBtbxfYCVreSS+KuGusCsAfWES6q+c

Entry address:
0x24CD1D

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 24, 94, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, FF, 35, AC, FA, 31, 10, E8, F4, 56, 00, 00, 85, C0, 59, 74, 02, FF, D0, 6A, 19, E8, 8A, 94, 00, 00, 6A, 01, 6A, 00, E8, C8, 45, 00, 00, 83, C4, 0C, E9, CD, 44, 00, 00, 6A, 14, 68, 10, 67, 2F, 10, E8, 40, 5C, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81...
 
[+]

Code size:
2.5 MB (2,646,016 bytes)

Remove MediaInfo.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.