» vmntoolbar.dll
Overview
Analysis
File Details

vmntoolbar.dll

VMN Toolbar

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module vmntoolbar.dll by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

vmntoolbar.dll

Publisher:

Visicom Media Inc. (signed and verified)

Product:

VMN Toolbar

Version:

4.0.2.154

MD5:

c802f655bbcb77f91675814863689524

SHA-1:

175d10e933e6ced5a06bd0fea811a42b83769aa7

SHA-256:

f40f0ad83c00e8973eb06cc44f5838dc66c95ab9b5f7b09c93a5080caed46aed

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/14/2024 2:48:15 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Visicom (M)

16.9.22.1

File size:

1.4 MB (1,464,624 bytes)

Product version:

4.0

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\vmntoolbar\vmntoolbar.dll

Digital Signature

Signed by:

Visicom Media Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Subject:

CN=Visicom Media Inc., OU=Secure Application Development, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

3F88F4

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:/GVBTIGkanb/zIYqi33UOrEfq164wBud1VPiUbGGmcyjrmNByjk:/GzZT/zIYqQUR41VBmcyjrmNIk

Entry address:

0x12FF90

Entry point:

55, 8B, EC, 83, C4, C4, B8, 60, FB, 52, 00, E8, A8, 74, ED, FF, 83, 3D, 6C, 36, 53, 00, 00, 75, 14, B8, 64, FA, 52, 00, A3, 6C, 36, 53, 00, B8, 01, 00, 00, 00, E8, A7, FA, FF, FF, E8, 5E, 4C, ED, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

1.2 MB (1,241,088 bytes)

Remove vmntoolbar.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.