Interop.IWshRuntimeLibrary.dll

Assembly imported from type library 'IWshRuntimeLibrary'.

Stampede Technologies

Interop.IWshRuntimeLibrary.dll is an interop assembly of the IWshRuntimeLibrary, recompiled by Stampede Technologies. The file, re-signed by Stampede Technologies, is an interop assembly that a third party has integrated into a .NET application. Even though the assembly itself is most likely safe, it has been recompiled by a potentially unwanted program. Although a detection has been made for this resource, it is a commonly distributed third-party library and is typically safe by itself.
Publisher:
Stampede Technologies  (signed and verified)

Product:
Assembly imported from type library 'IWshRuntimeLibrary'.

Version:
1.0.0.0

MD5:
5504c77ad8f993da768b7723297f93dd

SHA-1:
8f8ec855722abd1b1cbcbb45454dc7e133bac2b6

SHA-256:
e27bb6468470f2fbf991f8387008e0876fc46b5344fbb43fc876f28b5bfbb9ea

Scanner detections:
8 / 68

Status:
Adware

Explanation:
This library is an interop assembly of the IWshRuntimeLibrary. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
4/17/2024 11:35:37 PM UTC

Scan engine            Detection                                     Engine version
Avira AntiVirus        Adware/CrossRider.pl                          7.11.168.230
IKARUS anti.virus      Trojan.GoogUpdate                             t3scan.1.7.5.0
Kaspersky              Trojan.NSIS.GoogUpdate                        14.0.0.3365
Panda Antivirus        Trj/Chgt.D                                    14.08.22.10
Qihoo 360 Security     Win32/Trojan.838                              1.0.0.1015
Reason Heuristics      PUP.ResignedInterop.StampedeTechnologies.Z    14.8.25.2
Sophos                 Generic PUA IP                                4.98
Vba32 AntiVirus        Trojan.GoogUpdate                             3.12.26.3

File size:
52.4 KB (53,624 bytes)

Product version:
1.0.0.0

Original file name:
Interop.IWshRuntimeLibrary.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\cinemap-1.4\interop.iwshruntimelibrary.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/27/2014 5:00:00 PM

Valid to:
7/28/2015 4:59:59 PM

Subject:
CN=Stampede Technologies, O=Stampede Technologies, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0CC7970117FD591A57609D71BEE0FCB8

File PE Metadata
Compilation timestamp:
5/29/2014 2:17:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:Cx3LY+sPhWVJPsedLVDUYlkXrSXVteUdztHK2z9IkCB0QtcNgY6jb:CL9nVJEetVDUxSp1K2z9ID03gff

Entry address:
0xA83E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy:
4.9229

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
36 KB (36,864 bytes)
