home

gamemanialauncheractivex.ocx

IMI

The file gamemanialauncheractivex.ocx by IMI has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
IMI  (signed and verified)

Version:
1.0.1.4

MD5:
0fa1d3f91ecfdf325e9e891c4d120eaa

SHA-1:
25209a1266a63c916493c47b4250f786fe656efb

SHA-256:
e97231f65bd972f261a3daaaa6a2c93c307b5055200c557d2b03ce627c63e381

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/20/2024 2:09:38 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.IMI (M)
16.2.18.16

File size:
2.3 MB (2,438,272 bytes)

Product version:
1.0.1.4

File type:
OLE control extension (Win32 OCX)

Common path:
C:\windows\downloaded Program Files\gamemanialauncheractivex.ocx

Digital Signature
Signed by:
IMI

Authority:
VeriSign, Inc.

Valid from:
9/20/2011 9:00:00 AM

Valid to:
10/20/2013 8:59:59 AM

Subject:
CN=IMI, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IMI, L=Deokjin-gu, S=Jeollabuk-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
06A38B57BC3AEA6CD3BADC12C68A1602

File PE Metadata
Compilation timestamp:
11/29/2011 10:07:01 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:fHJXhYmSqQrm5xeM25lfKIFRAS/8GhbsXwvCL43EwZP+T:P8m5xeM25lfKIFRAS/8GhbsXwvtk

Entry address:
0x1DCCB8

Entry point:
55, 8B, EC, 83, C4, C0, B8, 38, 12, 5D, 00, E8, 84, E5, E2, FF, E8, 6B, 97, E2, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.3178

Developed / compiled with:
Microsoft Visual C++

Code size:
1.9 MB (1,948,160 bytes)

ActiveX Install
Name:
{185A9C0C-B634-407E-991B-1462195094AB}


Remove gamemanialauncheractivex.ocx - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.