home

npgpi.dll

GameMania Launcher Plugin 1.0.0.1

IMI

The module npgpi.dll, “GameMania Launcher Plugin” by IMI has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘@gamemania.co.kr/npGPI’.
Publisher:
IMI  (signed and verified)

Product:
GameMania Launcher Plugin 1.0.0.1

Description:
GameMania Launcher Plugin

Version:
1, 0, 0, 1

MD5:
0058745d6ab6a0affe48d49f4e19f007

SHA-1:
4a691bcf8e669bb28dfd9d97a22076d67233f163

SHA-256:
26d09debcebd560c44c7af4da216aadd147c6f143b5d3c3281992206e6813ddc

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 4:10:33 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.IMI (M)
16.1.13.19

File size:
176.1 KB (180,352 bytes)

Product version:
1, 0, 0, 1

Copyright:
imi. Copyright(C) 2013

Original file name:
npgpi.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\ProgramData\gamemania\npgpi\npgpi.dll

Digital Signature
Signed by:
IMI

Authority:
VeriSign, Inc.

Valid from:
9/20/2011 9:00:00 AM

Valid to:
10/20/2013 8:59:59 AM

Subject:
CN=IMI, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IMI, L=Deokjin-gu, S=Jeollabuk-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
06A38B57BC3AEA6CD3BADC12C68A1602

File PE Metadata
Compilation timestamp:
6/21/2013 11:51:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:HKKJa5C+URFibV8TefXW8XLIPX2blwsJMiOBLBWCcBVgtbcRKKdIwtUw59KA23rq:4Cp+9uZyJ0fwtP9XLiKdqfPxtmIw

Entry address:
0x570C

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, D2, 3C, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 8B, C1, 83, 60, 04, 00, 83, 60, 08, 00, C7, 00, 8C, 09, 02, 10, C3, 53, 8B, 5C, 24, 08, 56, 57, 8B, F9, C7, 07, 8C, 09, 02, 10, 8B, 03, 85, C0, 74, 26, 50, E8, 27, 3D, 00, 00, 8B, F0, 46, 56, E8, 0C, 03, 00, 00, 85, C0, 59, 59, 89, 47, 04, 74, 12, FF, 33, 56, 50, E8, E6, F6, FF, FF, 83, C4, 0C, EB, 04, 83, 67, 04, 00, C7, 47, 08, 01, 00, 00, 00, 8B, C7, 5F, 5E, 5B, C2, 04, 00...
 
[+]

Entropy:
6.5321

Code size:
124 KB (126,976 bytes)

Mozilla Plugin
Name:
@gamemania.co.kr/npGPI


Remove npgpi.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.