opls.dll

OpinionSquare

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module opls.dll by TMRG has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
TMRG, Inc.  (signed and verified)

Product:
OpinionSquare

Version:
4.0.11.30 (Build 11.30)

MD5:
28fac3b71d0dde6b5552402478f5c2c5

SHA-1:
349627512d0289510de0d7aad124b6b3d9efe2b7

SHA-256:
b17526675934c35646b134daea6cfdbab982215398a37ecb09764d69da4363d8

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/23/2024 3:57:34 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TMRG (M)
16.11.2.7

File size:
528.6 KB (541,312 bytes)

Product version:
4.0.11.30 (Build 11.30)

Copyright:
Copyright © 2001-2004

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\opinionsquare\opls.dll

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
9/1/2009 7:00:00 PM

Valid to:
9/27/2011 6:59:59 PM

Subject:
CN="TMRG, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
0C22D897C820001A2C4C01D3AEBB98E8

File PE Metadata
Compilation timestamp:
11/8/2010 1:23:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:/mRCtAI1CayKi9Lb/5EKd1SqeS0xZFbVHpByqjdtN+0fJgVahvDZD9xh+Ch:/kgR1CaPqLdEK+SmZRbjde0fJ+ilBxh/

Entry address:
0x48A22

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, E5, A3, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 55, 8B, EC, 56, 57, 8B, 7D, 10, 8B, C7, 83, E8, 00, 0F, 84, E5, 15, 00, 00, 48, 0F, 84, CD, 15, 00, 00, 48, 0F, 84, 98, 15, 00, 00, 48, 0F, 84, 49, 15, 00, 00, 48, 0F, 84, B9, 14, 00, 00, 8B, 4D, 0C, 8B, 45, 08, 53, 6A, 20, 5A, E9, 72, 04, 00, 00, 8B, 30, 3B, 31, 74, 7C, 0F, B6, 30, 0F, B6, 19, 2B, F3, 74, 15, 33, DB, 85, F6, 0F, 9F, C3, 8D, 5C, 1B, FF, 8B, F3, 85, F6, 0F, 85...
 
[+]

Entropy:
6.5389

Code size:
380 KB (389,120 bytes)

Remove opls.dll - Powered by Reason Core Security