PriceGongIE.dll

PriceGong Software Ltd

PriceGongIE.dll is part of PriceGong, a web browser extension designed to show competitive prices based on the context of the products being displayed in the user's web browser. The module PriceGongIE.dll by PriceGong Software has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
PriceGong (signed by PriceGong Software Ltd)

Product:
PriceGong

Version:
3.6.12.0

MD5:
270038e45cd05d1db7175f57bfa587e9

SHA-1:
ed403ff207fa04356a671044308f2e7e4edcc719

SHA-256:
37a1651b13f409582d1b42f5e2f81035dd9cda08fb90f34a425d1addd822c15b

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Displays offers (for products and services) for deals related to the search terms or context of a webpage, shown as pop-ups outside the normal browser content.

Analysis date:
12/24/2024 1:39:38 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.PriceGong (M)

Engine version:
17.2.7.16

File size:
529 KB (541,695 bytes)

Product version:
3.6.12.0

Copyright:
PriceGong

Original file name:
PriceGongIE.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\locallow\freeonlineradioplayerrecorder\plugins\{5e1360dc-8fa8-40df-a8cd-fc3831b3634b}\3.6.12\bin\pricegongie.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/3/2012 4:00:00 PM

Valid to:
1/22/2015 3:59:59 PM

Subject:
CN=PriceGong Software Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=PriceGong Software Ltd, L=Ramat Gan, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3E14F71A0038C4E90BB8AAE1500BB078

File PE Metadata
Compilation timestamp:
4/17/2013 5:23:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x3EFD6

Entry point:
E9, E6, 90, 00, 00, 83, 7D, 0C, 01, 75, 05, E8, 58, 76, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 0C, A1, 44, 6E, 06, 10, 33, C5, 89, 45, FC, 53, 56, 57, 8B, 7D, 08, 85, FF, 75, 14, E8, 7D, 0F, 00, 00, 6A, 16, 5E, 89, 30, E8, AE, 27, 00, 00, E9, 3A, 01, 00, 00, FF, 75, 0C, 57, E8, D4, 78, 00, 00, 59, 59, 3B, 45, 0C, 72, 05, C6, 07, 00, EB, D7, 8B, 5D, 10, 8B, 03, 8B, 48, 14, 85, C9, 75, 22, 80, 3F, 00, 8B, CF, 74, 14, 8A, 01, 3C, 41, 7C...
 

Entropy:
6.8170

Packer / compiler:
Xtreme-Protector v1.05

Code size:
328.5 KB (336,384 bytes)
