× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d9deeaa7762072d5cb8f99ecea7c1acf32354ba4486f9afb01f4404149b919fd
File name: VPN-Pro.signedrm.exe
Detection ratio: 8 / 47
Analysis date: 2013-11-04 04:20:41 UTC ( 3 years, 9 months ago )
Antivirus Result Update
Yandex Trojan.Blocker!QGeiRRIY22g 20131103
AntiVir TR/Spy.Gen 20131103
Avast MSIL:BackDoor-C [Trj] 20131104
AVG Generic33.BIGC 20131103
DrWeb Trojan.DownLoader10.15702 20131104
Jiangmin Trojan/Blocker.hbg 20131103
Panda Generic Malware 20131103
Rising Backdoor.Shadow!55A1 20131104
AhnLab-V3 20131103
Antiy-AVL 20131101
Baidu-International 20131103
BitDefender 20131104
Bkav 20131102
ByteHero 20131028
CAT-QuickHeal 20131103
ClamAV 20131104
Commtouch 20131104
Comodo 20131104
Emsisoft 20131104
ESET-NOD32 20131103
F-Prot 20131104
F-Secure 20131104
Fortinet 20131104
GData 20131104
Ikarus 20131104
K7AntiVirus 20131101
K7GW 20131101
Kaspersky 20131101
Kingsoft 20130829
Malwarebytes 20131104
McAfee 20131104
McAfee-GW-Edition 20131103
Microsoft 20131104
eScan 20131028
NANO-Antivirus 20131104
Norman 20131103
nProtect 20131101
Sophos AV 20131104
SUPERAntiSpyware 20131103
Symantec 20131104
TheHacker 20131103
TotalDefense 20131101
TrendMicro 20131104
TrendMicro-HouseCall 20131104
VBA32 20131102
VIPRE 20131104
ViRobot 20131104
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © 2013

Publisher Rick Mavrick
Product VPN-Pro
Original name VPN-Pro.exe
Internal name VPN-Pro.exe
File version 1.0.0.0
Description VPN-Pro
Signature verification Signed file, verified signature
Signing date 5:21 AM 11/4/2013
Signers
[+] Rick Mavrick
Status Valid
Issuer None
Valid from 2:50 PM 11/3/2013
Valid to 1:00 AM 11/5/2015
Valid usage Code Signing, 1.3.6.1.4.1.311.2.1.21, Lifetime Signing
Algorithm SHA1
Thumbprint 997BB62AF58F8C6A5104ED0CA72B03FD5CDF97CD
Serial number 0B A1
[+] StartCom Class 2 Primary Intermediate Object CA
Status Valid
Issuer None
Valid from 11:01 PM 10/24/2007
Valid to 11:01 PM 10/24/2017
Valid usage All
Algorithm SHA1
Thumbprint D893C4F678F891F2823CD078AA5E1C48FD1DA225
Serial number 24
[+] StartCom Certification Authority
Status Valid
Issuer None
Valid from 8:46 PM 9/17/2006
Valid to 8:46 PM 9/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm SHA1
Thumbprint 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
Serial number 01
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-15 21:41:31
Entry Point 0x001E849E
Number of sections 4
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
File identification
MD5 7301d03230ca65c1680cda7a7efeb6a4
SHA1 6d9af151372956102e6ba749091ebb46d911fff0
SHA256 d9deeaa7762072d5cb8f99ecea7c1acf32354ba4486f9afb01f4404149b919fd
ssdeep
49152:DaaQPYYOQrEtAVy5/r56qfxpAFhrlfteP1BD4EaaQy:+aQPYYd8EOAqfxpehrdtePL4naQy

File size 2.0 MB ( 2069912 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Executable MS Visual C++ (generic) (35.0%)
Win64 Executable (generic) (31.0%)
Windows Screen Saver (14.7%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Tags
peexe assembly signed

VirusTotal metadata
First submission 2013-11-04 04:20:41 UTC ( 3 years, 9 months ago )
Last submission 2013-11-04 04:20:41 UTC ( 3 years, 9 months ago )
File names VPN-Pro.signedrm.exe
VPN-Pro.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!