× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 829e137279f691e493c211108b62c8e15b079bd619ba19ad388450878e0585d0
File name: VPN-Pro.exe
Detection ratio: 49 / 57
Analysis date: 2016-12-14 22:19:51 UTC ( 3 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.187936 20161214
AegisLab Troj.Ransom.W32.Blocker.bkfc!c 20161214
AhnLab-V3 Trojan/Win32.Blocker.C229364 20161214
ALYac Gen:Variant.Kazy.187936 20161214
Antiy-AVL Trojan[Ransom]/Win32.Blocker 20161214
Arcabit Trojan.Kazy.D2DE20 20161214
Avast MSIL:Agent-AKC [Trj] 20161214
AVG Generic33.BIGC 20161214
Avira (no cloud) TR/Spy.Gen 20161214
AVware Trojan.Win32.Generic!BT 20161214
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9956 20161207
BitDefender Gen:Variant.Kazy.187936 20161214
Bkav W32.Clod4bf.Trojan.4e4a 20161214
CAT-QuickHeal Trojan.Gendemal 20161214
CMC Trojan-Ransom.Win32.Blocker!O 20161214
Comodo UnclassifiedMalware 20161214
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20161024
Cyren W32/GenBl.8EDA7DFA!Olympus 20161214
DrWeb Trojan.DownLoader10.15702 20161214
Emsisoft Gen:Variant.Kazy.187936 (B) 20161214
ESET-NOD32 a variant of MSIL/TrojanDropper.Agent.ABS 20161214
F-Secure Gen:Variant.Kazy.187936 20161214
Fortinet W32/Blocker.BKFC!tr 20161214
GData Gen:Variant.Kazy.187936 20161214
Ikarus Trojan-Dropper.MSIL.Agent 20161214
Invincea trojan.win32.dacic.a!rfn 20161202
Jiangmin Trojan/Blocker.euc 20161214
K7AntiVirus Trojan ( 004a942f1 ) 20161214
K7GW Trojan ( 004a942f1 ) 20161214
Kaspersky Trojan-Ransom.Win32.Blocker.bkfc 20161214
Kingsoft Win32.Troj.Undef.(kcloud) 20161214
Malwarebytes Trojan.Dropper 20161214
McAfee Artemis!8EDA7DFA4EC4 20161214
McAfee-GW-Edition Artemis!Trojan 20161214
Microsoft Trojan:MSIL/Gendemal 20161214
eScan Gen:Variant.Kazy.187936 20161214
NANO-Antivirus Trojan.Win32.Blocker.cqktgq 20161214
nProtect Trojan/W32.Blocker.2065408 20161214
Panda Generic Malware 20161214
Qihoo-360 Win32/Trojan.Ransom.8bf 20161214
Rising Trojan.Generic-ttHrSdRpYAL (cloud) 20161214
Sophos Mal/Generic-S 20161214
Symantec Trojan.Gen 20161214
Tencent Win32.Trojan.Blocker.Efve 20161214
TrendMicro TROJ_DROPPR.SS 20161214
TrendMicro-HouseCall TROJ_DROPPR.SS 20161214
ViRobot Dropper.S.Agent.2065408[h] 20161214
Yandex Trojan.Blocker!QGeiRRIY22g 20161214
Zillya Trojan.Blocker.Win32.10745 20161214
Alibaba 20161214
ClamAV 20161214
F-Prot 20161214
SUPERAntiSpyware 20161214
TheHacker 20161214
TotalDefense 20161214
Trustlook 20161214
VBA32 20161214
VIPRE 20161214
WhiteArmor 20161212
Zoner 20161214
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013

Product VPN-Pro
Original name VPN-Pro.exe
Internal name VPN-Pro.exe
File version 1.0.0.0
Description VPN-Pro
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-15 21:41:31
Entry Point 0x001E849E
Number of sections 4
.NET details
Module Version ID e95ce212-f0ef-464f-953b-0e6d97ad60df
TypeLib ID b51b89fd-27d1-4631-a8ab-848220782cdb
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
72192

EntryPoint
0x1e849e

OriginalFileName
VPN-Pro.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013

FileVersion
1.0.0.0

TimeStamp
2013:06:15 22:41:31+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
VPN-Pro.exe

ProductVersion
1.0.0.0

FileDescription
VPN-Pro

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
1992192

ProductName
VPN-Pro

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 8eda7dfa4ec4ac975bb12d2a3186bbeb
SHA1 b5c49bbbf7499a30110adc94480b3edbc8d6e92b
SHA256 829e137279f691e493c211108b62c8e15b079bd619ba19ad388450878e0585d0
ssdeep
49152:IaaQPYYOQrEtAVy5/r56qfxpAFhrlfteP1BD4EaaQ:TaQPYYd8EOAqfxpehrdtePL4naQ

authentihash 8edae25e50e1873573212185dc80e8ed9a5c55cef66cea88a494fc0c92eb3e63
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 2.0 MB ( 2065408 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (45.1%)
Win32 Executable MS Visual C++ (generic) (19.2%)
Win64 Executable (generic) (17.0%)
Windows screen saver (8.0%)
Win32 Dynamic Link Library (generic) (4.0%)
Tags
peexe assembly

VirusTotal metadata
First submission 2013-06-15 22:45:33 UTC ( 3 years, 9 months ago )
Last submission 2016-10-12 15:47:18 UTC ( 5 months, 2 weeks ago )
File names 8eda7dfa4ec4ac975bb12d2a3186bbeb.exe
829E137279F691E493C211108B62C8E15B079BD619BA19AD388450878E0585D0.exe
VPN-Pro.exe
VPN-Pro.exe
8EDA7DFA4EC4AC975BB12D2A3186BBEB
file-5932656_exe
879514db-811a-411b-9332-9255828b4987
VPN-Pro.exe
a1664fe7-4bba-459e-9806-f8adf431d59b
vpn-pro.exe
8eda7dfa4ec4ac975bb12d2a3186bbeb
Trojan-Ransom.Win32.Blocker.bkfc .exe
05.exe
VPN-Pro.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!