nmgts.dll

DivineMedia Inc.

The module nmgts.dll by DivineMedia has been detected as adware by 33 anti-malware scanners.
Remove nmgts.dll - Powered by Reason Core Security
Publisher:
DivineMedia Inc.  (signed and verified)

Version:
2013.11.21.1

MD5:
c22404f734adb2dcfd486e9814435565

SHA-1:
6314dceb1414b32d65352d941b6cede1b2305d96

SHA-256:
c390019f76a2da2f2b06b537ade38d17650d0071464aeb3b6d67528d10b02f49

Scanner detections:
33 / 68

Status:
Adware

Analysis date:
12/10/2016 7:59:45 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Symmi.36013
969

Agnitum Outpost
PUA.Kraddare
7.1.1

AhnLab V3 Security
PUP/Win32.HubHelper
14.06.10

Avira AntiVirus
Adware/AgentCV.azc.58
7.11.141.40

Antiy Labs AVL
Trojan/Win32.SGeneric
0.1.0.1

avast!
Win32:Adware-AZC [Adw]
2014.9-140610

Bitdefender
Gen:Variant.Adware.Symmi.36013
1.0.20.805

CMC Antivirus
Hoax.Win32.BadJoke.ScreenFlicker!O
1.1.0.977

Comodo Security
ApplicUnwnt
18041

Emsisoft Anti-Malware
Gen:Variant.Adware.Symmi.36013
8.14.06.10.06

ESET NOD32
Win32/AdWare.Kraddare.JP (variant)
8.9633

Fortinet FortiGate
Riskware/Kraddare
6/10/2014

F-Secure
Gen:Variant.Adware.Symmi.36013
11.2014-10-06_3

G Data
Gen:Variant.Adware.Symmi.36013
14.6.24

IKARUS anti.virus
Win32.AdWare.AZC
t3scan.2.2.29

McAfee
Artemis!C22404F734AD
5600.7103

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious-BAY.G
7.7103

MicroWorld eScan
Gen:Variant.Adware.Symmi.36013
15.0.0.483

nProtect
Adware/W32.KrAdword.681944
14.04.03.01

Reason Heuristics
PUP.DivineMedia.F
14.8.8.0

VIPRE Antivirus
Trojan.Win32.Generic
28000

Remove nmgts.dll - Powered by Reason Core Security
File size:
666 KB (681,944 bytes)

Product version:
2013.11.21.1

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\mg internet platform\nmgts.dll

Digital Signature
Authority:
Thawte, Inc.

Valid from:
12/3/2012 6:00:00 PM

Valid to:
1/3/2015 5:59:59 PM

Subject:
CN=DivineMedia Inc., OU=Planning Dept, O=DivineMedia Inc., L=Guro-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
70D6D72340C00A54AEEB109E10818B2B

File PE Metadata
Compilation timestamp:
11/21/2013 1:54:59 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:vWC0IdZpq3RGFwI+sQHtiNvaL7MPtnwvrRulEuoBE26KA8zMJY8:dSRcv+4paLo9wzRmEuoZAl

Entry address:
0x1FD001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, D0, 1F, 00, 83, BD, 88, 04, 00, 00, 00, 89, 9D, 88, 04, 00, 00, 0F, 85, CB, 03, 00, 00, 8D, 85, 94, 04, 00, 00, 50, FF, 95, A9, 0F, 00, 00, 89, 85, 8C, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, A5, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74...
 
[+]

Entropy:
7.9898

Packer / compiler:
ASPack v2.12

Code size:
1.7 MB (1,780,224 bytes)

Remove nmgts.dll - Powered by Reason Core Security