home

globalvpn_1030_beta.exe

GlobalVPN

This is a self-extracting archive and installer. The file has been seen being downloaded from cvws.icloud-content.com and multiple other hosts.
Publisher:
GlobalVPN

Description:
GlobalVPN Client Installer

Version:
1.0.3.0

MD5:
ccfa8162531d53b0930b19cc6533b6b3

SHA-1:
79a59794fa56ee96aeec485f1c7e8c34ca5b25ac

SHA-256:
856a9c830151e7980ceb9ae0945df6879bdfee68364aafe0543bf6a0ff207427

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 8:27:07 PM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Trojan.Patched.Win32.44481
2.0.0.1783

File size:
1.3 MB (1,385,070 bytes)

Product version:
1.0.3.0

Copyright:
© GlobalVPN 2012

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\globalvpn_1030_beta.exe

File PE Metadata
Compilation timestamp:
10/2/2010 10:32:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:/q7GUo+F3YlBijXvBJ3Nn7BjlpOu3iBf6zWkWcU9Et2V:ia+FIyXvL3Nn7BxwuyBYWcyE0V

Entry address:
0x1926

Entry point:
E8, 7D, 04, 00, 00, E9, 37, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 31, 40, 00, 89, 0D, 3C, 31, 40, 00, 89, 15, 38, 31, 40, 00, 89, 1D, 34, 31, 40, 00, 89, 35, 30, 31, 40, 00, 89, 3D, 2C, 31, 40, 00, 66, 8C, 15, 58, 31, 40, 00, 66, 8C, 0D, 4C, 31, 40, 00, 66, 8C, 1D, 28, 31, 40, 00, 66, 8C, 05, 24, 31, 40, 00, 66, 8C, 25, 20, 31, 40, 00, 66, 8C, 2D, 1C, 31, 40, 00, 9C, 8F, 05, 50, 31, 40, 00, 8B, 45, 00, A3, 44, 31, 40, 00, 8B, 45, 04, A3, 48, 31, 40, 00, 8D, 45, 08, A3, 54, 31, 40...
 
[+]

Code size:
4 KB (4,096 bytes)

The file globalvpn_1030_beta.exe has been seen being distributed by the following 3 URLs.

https://cvws.icloud-content.com/B/.../GlobalVPN_1030_beta.exe

http://en.globalvpn.net/client/.../GlobalVPN_1030_beta.exe

http://en.globalvpn.net/.../download.php

Scan globalvpn_1030_beta.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.