home

bvpn.exe

bVPN

Dari International

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘bVPN’.
Publisher:
bVPN Service  (signed by Dari International)

Product:
bVPN

Version:
1,3,0

MD5:
cf590afb8ee5d78fb7418bb107edac0b

SHA-1:
de551e386ebe096ba57dc84c3ec228bbf7fd007b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 12:13:57 PM UTC  (today)

File size:
1 MB (1,100,720 bytes)

Product version:
1,3,0

Copyright:
(c)2015 bVPN All rights reserved.

Original file name:
bvpn.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\bvpn service\bvpn\bvpn.exe

Digital Signature
Signed by:
Dari International

Authority:
COMODO CA Limited

Valid from:
3/8/2012 2:00:00 AM

Valid to:
3/9/2017 1:59:59 AM

Subject:
CN=Dari International, O=Dari International, STREET=Irene Vorrinkstraat 269, L=Nijmegen, S=Gelderland, PostalCode=6535NA, C=NL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00BB74D227A623223023771D1D334BEAF8

File PE Metadata
Compilation timestamp:
2/25/2015 7:01:34 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:a+7/yG/XhZxVl6THSb75GAOjXBZrZfOU5W+B04U3lp9lDSoZlqo:a+7/yG/XIybcjRZrgU5jBKH9ZSoZ3

Entry address:
0x2557E

Entry point:
E8, 90, 04, 00, 00, E9, 63, FD, FF, FF, FF, 25, C0, 60, 43, 00, FF, 25, BC, 60, 43, 00, FF, 25, B8, 60, 43, 00, CC, CC, CC, CC, CC, CC, 68, F9, 55, 42, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, FC, 9A, 4A, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 8B, FF, 55, 8B, EC...
 
[+]

Entropy:
6.4573

Code size:
209 KB (214,016 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
bVPN

Command:
"C:\Program Files\bvpn service\bvpn\bvpn.exe"


Scan bvpn.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.