home

Interop.IWshRuntimeLibrary.dll

Assembly imported from type library 'IWshRuntimeLibrary'.

Stampede Technologies

Interop.IWshRuntimeLibrary.dll is the library is an interop assembly of the IWshRuntimeLibrary and is recompiled by Stampede Technologies. The file Interop.IWshRuntimeLibrary.dll, re-signed by Stampede Technologies, is an Interop assembly that has been intergated by a 3rd-party into a .Net application, even though the assembly itself is most likely safe, it has been recompiled by a potentially unwanted program. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself.
Publisher:
Stampede Technologies  (signed and verified)

Product:
Assembly imported from type library 'IWshRuntimeLibrary'.

Version:
1.0.0.0

MD5:
b05b202eb58c1e7446ffd59080cc18b3

SHA-1:
488628744114f43b6cecac4922267ba1097b01d3

SHA-256:
4db6cb4bf1f0132d311816c978be1d85e4d5ed63cc88eeeae3dbeab91fbeabe6

Scanner detections:
11 / 68

Status:
Adware

Explanation:
This is the library is an interop assembly of the IWshRuntimeLibrary. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
4/25/2024 7:37:54 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/CrossRider.pl
7.11.170.208

AVG
Stampede
2015.0.3348

Baidu Antivirus
Adware.Win32.GoogUpdate
4.0.3.14917

Kaspersky
Trojan.NSIS.GoogUpdate
14.0.0.3235

McAfee
Artemis!B05B202EB58C
5600.7004

Panda Antivirus
Trj/Chgt.E
14.09.17.09

Qihoo 360 Security
Win32/Virus.Adware.960
1.0.0.1015

Reason Heuristics
PUP.ResignedInterop.StampedeTechnologies.Z
14.9.17.21

Sophos
Generic PUA EI
4.98

Vba32 AntiVirus
Trojan.GoogUpdate
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
32794

File size:
52.4 KB (53,624 bytes)

Product version:
1.0.0.0

Original file name:
Interop.IWshRuntimeLibrary.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\hd-v1.9\interop.iwshruntimelibrary.dll

Digital Signature
Signed by:
Stampede Technologies

Authority:
COMODO CA Limited

Valid from:
7/28/2014 8:00:00 AM

Valid to:
7/29/2015 7:59:59 AM

Subject:
CN=Stampede Technologies, O=Stampede Technologies, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0CC7970117FD591A57609D71BEE0FCB8

File PE Metadata
Compilation timestamp:
5/29/2014 5:17:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:Gx3LY+sPhWVJPsedLVDUYlkXrSXVteUdztHK2z9IkCB0QtcNgY6j1:OL9nVJEetVDUxSp1K2z9ID03gfR

Entry address:
0xA83E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.9218

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
36 KB (36,864 bytes)

Remove Interop.IWshRuntimeLibrary.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.