OcHelper.dll

Microsoft Office 2013

Microsoft Corporation

The library is part of Microsoft Office 2013. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Lync Click to Call BHO’.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft Office 2013

Description:
Microsoft Lync

Version:
15.0.4617.1000

MD5:
a3dd4cbdaf63e81bc54b3ffcdf7c3b25

SHA-1:
1374852c372dfee7a90928140ca8eb47f58cfb47

SHA-256:
5ae6083116623ff108681c6452cd79f67453a0c082f69f0e0f03995c2f350679

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/3/2016 10:42:19 AM UTC  (today)

File size:
149.7 KB (153,248 bytes)

Product version:
15.0.4617.1000

Original file name:
OcHelper.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\microsoft office\office15\ochelper.dll

Digital Signature
Authority:
Microsoft Corporation

Valid from:
1/25/2013 7:33:39 AM

Valid to:
4/25/2014 7:33:39 AM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000B011AF0A8BD03B9FDD0001000000B0

Registration
CLSID:
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

ProgID:
OCHelper.BrowserHelper.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
4/22/2014 2:51:13 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.10

CTPH (ssdeep):
3072:fxh9xET3cbqsdsV79/+8ZQJxOaRE7vr5SAo8lm0c6BptcodCJrPeZORxq9IQx8S:J9Scbq3m8SJxTCb4glmkhcxJrPeZORfq

Entry address:
0x1A718

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 1C, F4, FF, FF, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 10, 68, 88, DD, 01, 10, E8, AE, 04, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B, 45, 10, 7D, 13, 8B, 75, 08, 8B, CE, FF, 55, 14, 03, 75, 0C, 89, 75, 08, FF, 45, E4, EB, E5, C7, 45, E0, 01, 00, 00, 00, C7, 45, FC, FE, FF, FF, FF, E8, 08, 00, 00, 00, E8, B5, 04, 00, 00, C2, 14, 00, 83, 7D, E0, 00, 75, 11, FF, 75, 18, FF, 75, E4, FF, 75, 0C, FF...
 
[+]

Entropy:
6.3711

Code size:
121.5 KB (124,416 bytes)

Internet Explorer BHO
Display name:
Lync Click to Call BHO

CLSID:
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

CLSID name:
Lync Browser Helper


Internet Explorer Extension
Name:
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}