home

Interop.WMPLib.dll

Assembly imported from type library 'WMPLib'.

ReSoft LTD.

The file Interop.WMPLib.dll, re-signed by ReSoft LTD., is an Interop assembly that has been intergated by a 3rd-party into a .Net application, even though the assembly itself is most likely safe, it has been recompiled by a potentially unwanted program.
Publisher:
ReSoft LTD.  (signed and verified)

Product:
Assembly imported from type library 'WMPLib'.

Version:
1.0.0.0

MD5:
f0ccb438c9602d2277a0c89eaaa0d752

SHA-1:
0942ab0ef8e6216f82c6c190762800c907aefb4f

SHA-256:
89beabb0950ff8aa3f079b578d17ee9f99e8f47c2da07d1e2ebfbd468a116d47

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/24/2024 12:08:36 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Resoft.ResignedInterop (M)
16.2.15.5

File size:
342.6 KB (350,792 bytes)

Product version:
1.0.0.0

Original file name:
Interop.WMPLib.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\smartbar\application\interop.wmplib.dll

Digital Signature
Signed by:
ReSoft LTD.

Authority:
COMODO CA Limited

Valid from:
7/30/2012 1:00:00 AM

Valid to:
7/31/2013 12:59:59 AM

Subject:
CN=ReSoft LTD., O=ReSoft LTD., STREET=4th Hanevi'im, L=Tel Aviv, S=Israel, PostalCode=64356, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7ABDE829D4244ADA77EE42C7A70C0FA3

File PE Metadata
Compilation timestamp:
11/28/2012 6:43:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:Ws9ufI5qL01WVCIvrYwtQ/ipcL+143qREjmdgvyZsbOlIn6BUz2NwfCJ8reVYXKQ:Ws9ufI5qL01WVCIvrYwtQ/ipcL+143qw

Entry address:
0x51FFE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7100

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
324 KB (331,776 bytes)

Remove Interop.WMPLib.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.