idmsqext.dll

Internet Download Manager²

OR Interactive Ltd

It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘Idmsq Extension’.
Publisher:
OR Interactive Ltd  (signed and verified)

Product:
Internet Download Manager²

Description:
Next generation download accelerator and manager with built-in media manager and player and unparalleled security features

Version:
1.0.0.1

MD5:
1b619c0280ea102d4961f00c1d11366c

SHA-1:
abaaa0ffbe4275a2edf962b7c5041b26a42bd3da

Scanner detections:
1 / 68

Status:
Inconclusive but possibly unwanted  (There is not enough data for a 100% detection)

Analysis date:
3/20/2014 5:17:22 PM UTC  (eight months ago)

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.BHO.ORInteractive.I

Engine version:
14.3.20.13

File size:
246.1 KB (251,968 bytes)

Product version:
1.0.0.1

Copyright:
Copyright © 2013. All rights reserved.

Original file name:
idmsqext.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Documents and Settings\user\Application data\idmsq\idmsqext.dll

Digital Signature
Authority:
Symantec Corporation

Valid from:
9/23/2013 8:00:00 PM

Valid to:
10/9/2015 7:59:59 PM

Subject:
CN=OR Interactive Ltd, O=OR Interactive Ltd, L=Tel Aviv, S=Tel Aviv, C=IL, SERIALNUMBER=513532689, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IL

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
3357D3B663AC98667EAF8311A14D9441

Registration
CLSIDs:
{3AA4FC9D-FB51-44a2-B09F-0457857CA7C2}, {4E63331F-BEED-4BD8-828F-72F18D73BE92}

ProgID:
Idmsq.Extension.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
10/24/2013 11:46:30 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:b6N024wOBwuPBrk9h1krIIX+3CCFieFBioxTVZ+Ss/eDWLN+7F87+TA3Y35Y:9lwy5riTe+gccoxb+JGDWLNa0Z

Entry address:
0x18526

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 91, 75, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 0C, 68, 10, 51, 03, 10, E8, 2F, 04, 00, 00, 6A, 0E, E8, 73, 1B, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, A4, 9E, 03, 10, BA, A0, 9E, 03, 10, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 07, EE, FF, FF, 59, FF, 76, 04, E8, FE, ED, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00...
 

Entropy:
6.5353

Code size:
170 KB (174,080 bytes)

Internet Explorer BHO
Display name:
Idmsq Extension

CLSID:
{3AA4FC9D-FB51-44a2-B09F-0457857CA7C2}


1 / 68      (inconclusive)
IDM2.exe  (326ffe010703c35193069266df178b7fe444f440)

1 / 68      (inconclusive)
setup.exe  (0488e6710b50783aeb19e8fbcd657952c7e631bb)

1 / 68      (inconclusive)
idm2app.exe  (5cb2d6d8739290d54a236f5a276f9a14c0007856)
