home

cfgmgr.exe

cfgmgr

NetZone Info-Tech Co., Ltd., Shanghai

The application cfgmgr.exe by NetZone Info-Tech Co.,, Shanghai has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
NETZONE Corp.  (signed by NetZone Info-Tech Co., Ltd., Shanghai)

Product:
cfgmgr

Version:
6.2.0.2894

MD5:
2cde8f0a6147f3d9c5117a2e5d387120

SHA-1:
af1527bf932af87f4ff9a702a12309af63e0464c

SHA-256:
a714f2448458955bd9443253ff2ab49cfdc29420d5d3a5b2bb0e7c134c9f81ee

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/30/2024 1:25:11 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.NetZoneI
17.3.2.17

File size:
799.1 KB (818,264 bytes)

Product version:
6.2.0.2894

Copyright:
Copyright (C) NETZONE Corp. 2008-2009

Original file name:
cfgmgr

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\syswow64\cfgmgr.exe

Digital Signature
Signed by:
NetZone Info-Tech Co., Ltd., Shanghai

Authority:
VeriSign, Inc.

Valid from:
7/25/2014 8:00:00 AM

Valid to:
10/25/2015 7:59:59 AM

Subject:
CN="NetZone Info-Tech Co., Ltd., Shanghai", OU=IT, O="NetZone Info-Tech Co., Ltd., Shanghai", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2BB3BEA0B887375E383FD6239CB02BDF

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1CF56E

Entry point:
60, E8, 07, D2, FF, FF, 00, 00, 47, 65, 74, 43, 6C, 61, 73, 73, 49, 6E, 66, 6F, 41, 00, 37, 8B, EC, A4, BB, A4, 7B, E9, 58, 7A, 3B, 7F, 51, 6E, 53, 62, 7D, 3F, 78, 69, 39, A2, E5, 9C, 2A, 49, C8, 94, 43, 85, 7E, EC, 31, 1D, EE, 45, 76, 17, 6A, 1C, 40, D9, F1, FF, 55, 6C, 73, 19, 0F, BE, F3, EB, D3, E3, E6, F6, CE, ED, E0, D8, FE, C6, EC, CB, 03, 2B, 92, 93, 0B, BB, 24, 57, 2E, 8C, FA, 13, 3D, 87, 60, 62, AA, F9, C2, DF, DB, 36, 92, CA, 48, B8, 43, 97, 01, 7B, 2C, A8, 74, 18, 42, 7B, 9D, 2C, A9, 1D, BA, 3E...
 
[+]

Entropy:
7.9619

Packer / compiler:
ASPack v1.08.04

Code size:
521 KB (533,504 bytes)

Remove cfgmgr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.