home

ws0f64d528.dat

iMesh

Imesh, Inc.

The file ws0f64d528.dat by Imesh has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from www.initdll.de and multiple other hosts.
Publisher:
iMesh Inc  (signed by Imesh, Inc.)

Product:
iMesh

Description:
iMesh Install

Version:
12.5.0.136239

MD5:
75d4a5cfc36171dc41aa6868d65c9921

SHA-1:
375166b8f5dad90b34f45ae27ce0bc70dec5671f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 1:52:25 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.iMesh.Toolbar
16.2.11.18

File size:
1.2 MB (1,210,576 bytes)

Product version:
12.5.0.136239

Copyright:
Copyright (C) 2015

Language:
Language Neutral

Digital Signature
Signed by:
Imesh, Inc.

Authority:
thawte, Inc.

Valid from:
10/15/2015 2:00:00 AM

Valid to:
4/7/2016 1:59:59 AM

Subject:
CN="Imesh, Inc.", O="Imesh, Inc.", L=Maplewood, S=New Jersey, C=US

Issuer:
CN=thawte SHA256 Code Signing CA - G2, O="thawte, Inc.", C=US

Serial number:
57A67BB053E0D2532F694358CA68BC4B

The file ws0f64d528.dat has been seen being distributed by the following 23 URLs.

http://www.initdll.de/.../624_imeshv10.exe

http://113.171.224.209/.../iMeshSetup-r0-n.exe

http://download.imesh.com/appid=63

http://download.imesh.com/.../iMeshV11.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r7-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r32-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r8-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r20-n-bc.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r2-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r5-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r4-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r9-n-bc.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r42-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r6-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r0-n-bf.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r1-n-bi.exe

http://download.imesh.com/.../iMeshV12.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r21-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r63-n-bi.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r6-n-bf.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r0-n.exe

http://download.imesh.com/iMeshSetup.exe

http://download.cdn.imesh.com/cdn/r/.../iMeshSetup-r5-n-bc.exe

Remove ws0f64d528.dat - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.