home

pmxg.dll

PremierOpinion

Voicefive Networks, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module pmxg.dll by Voicefive Networks has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
Voicefive Networks, Inc.  (signed and verified)

Product:
PremierOpinion

Version:
1, 3, 331, 6

MD5:
551f2cb54d98df4c903321bba73397c3

SHA-1:
1d017a962d7eda6c6a282db08137633447b5b770

SHA-256:
da9807a61545ca2a13394e934bf3340113d07d5c84899fca978cbd977532ffe7

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/2/2024 1:41:26 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TMRG.VoicefiveNetworks (M)
15.12.9.21

File size:
221 KB (226,344 bytes)

Product version:
1, 3, 331, 6

Copyright:
Copyright (C) 2001-2008

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pmxg.dll

Digital Signature
Signed by:
Voicefive Networks, Inc.

Authority:
Thawte, Inc.

Valid from:
7/27/2011 8:00:00 PM

Valid to:
7/27/2013 7:59:59 PM

Subject:
CN="Voicefive Networks, Inc.", O="Voicefive Networks, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5CD88A0E7C5DFF13A6D5D79E1406B94B

File PE Metadata
Compilation timestamp:
10/18/2011 1:39:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:ycLMoM19tJYXxS5UiMpVrOWoWNC0uDxqJsOgURx3tTzVHPP1T:Q1JaxL/pVrOBWn2EqU1zBh

Entry address:
0x109D4

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 0D, 90, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9...
 
[+]

Entropy:
6.3416

Code size:
144 KB (147,456 bytes)

Remove pmxg.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.