home

prxg.dll

PermissionResearch

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module prxg.dll by TMRG has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
TMRG, Inc.  (signed and verified)

Product:
PermissionResearch

Version:
1, 3, 323, 1

MD5:
ed067f6e0a01a12110a149f8f14ff493

SHA-1:
03c3568be3d48341f3d2b3105bb1d8cbf502d452

SHA-256:
0d34bc700e46ae23380d6cfda6c9af2089c28ac6e28e795df40e20ef7f3f2644

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/24/2024 3:13:50 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TMRG (M)
16.9.7.6

File size:
116.6 KB (119,424 bytes)

Product version:
1, 3, 323, 1

Copyright:
Copyright (C) 2001-2008

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\temp\{random}.tmp\prxg.dll

Digital Signature
Signed by:
TMRG, Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
7/16/2007 5:00:00 PM

Valid to:
9/27/2009 4:59:59 PM

Subject:
CN="TMRG, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
02491544000D8C9D63F061B1EBAE8466

File PE Metadata
Compilation timestamp:
3/31/2009 7:55:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:pOExwid4FuLdtNdm2CUZSHEiA7Suk6c9yGzO6iltguGwNTsUGAx2O7iGHiqCRKCQ:53VyljqtgpwFmAx2O7iGCVRXQ

Entry address:
0xF623

Entry point:
6A, 0C, 68, 50, 2E, 01, 10, E8, 81, 02, 00, 00, 33, C0, 40, 89, 45, E4, 33, FF, 89, 7D, FC, 8B, 75, 0C, 3B, F7, 75, 0C, 39, 3D, 2C, 72, 01, 10, 0F, 84, AC, 00, 00, 00, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, 54, 72, 01, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, E5, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, FC, 01, 00, 00, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
 
[+]

Entropy:
5.6310

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
68 KB (69,632 bytes)

Remove prxg.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.