connect_sdlmgr.exe

Connect

YTL Communications Sdn. Bhd.

The executable connect_sdlmgr.exe, “Software Download Manager Application”, has been detected as malware by 7 anti-virus scanners.
Publisher:
YTL Communications (signed by YTL Communications Sdn. Bhd.)

Product:
Connect

Description:
Software Download Manager Application

Version:
1.9.3.0

MD5:
c703b2047098c6b7ef8752a446fb1174

SHA-1:
1316d3105b3b95138d292da890b41547dc5d3750

SHA-256:
55e84e81c755d9447fe46a39d6e46910dbd0e65985bb0caa82a6caac41bfe77e

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
4/26/2024 5:27:03 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Graftor.126557 | 6386702 |
| Bitdefender | Gen:Variant.Graftor.126557 | 1.0.20.110 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.126557 | 9.0.0.4799 |
| F-Secure | Gen:Variant.Graftor.126557 | 5.13.68 |
| G Data | Gen:Variant.Graftor.126557 | 15.1.24 |
| MicroWorld eScan | Gen:Variant.Graftor.126557 | 16.0.0.66 |
| Norman | Gen:Variant.Graftor.126557 | 02.01.2015 13:58:24 |

File size:
372 KB (380,968 bytes)

Product version:
1.9.3.0

Copyright:
(c) YTL Communications. All rights reserved.

Original file name:
connect_sdlmgr.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\yes\connect\connect_sdlmgr.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
6/27/2013 5:00:00 PM

Valid to:
9/2/2015 5:00:00 AM

Subject:
CN=YTL Communications Sdn. Bhd., O=YTL Communications Sdn. Bhd., L=Kuala Lumpur, S=Kuala Lumpur, C=MY

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0B41BABC765C9F5AEF91D546E4972369

File PE Metadata
Compilation timestamp:
10/1/2014 12:48:14 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
3072:MXBAg499jhIRgAoxaC5ROF2PXEOk69sCBE/MUiI3WETULYZj1zsdecVaRI/+s3qs:MXCg4beRgAox/xRX/2CiF4

Entry address:
0x7B2D

Entry point:
E8, 7F, 03, 00, 00, E9, 91, FE, FF, FF, 6A, 0C, 68, 98, C7, 40, 00, E8, CD, 00, 00, 00, 83, 65, E4, 00, 8B, 5D, 0C, 8B, C3, 8B, 7D, 10, 0F, AF, C7, 8B, 75, 08, 03, F0, 89, 75, 08, 83, 65, FC, 00, 4F, 89, 7D, 10, 78, 0C, 2B, F3, 89, 75, 08, 8B, CE, FF, 55, 14, EB, EE, 33, C0, 40, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 14, 00, 00, 00, E8, CE, 00, 00, 00, C2, 10, 00, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, 45, E4, 85, C0, 75, 0B, FF, 75, 14, 57, 53, 56, E8, 01, 00, 00, 00, C3, 6A, 14, 68, B8, C7, 40, 00...
 
Entropy:
4.5594

Code size:
30 KB (30,720 bytes)
