KVUMon.exe

Jiangmin Software

Beijing Jiangmin New Sci.&Tec. Co. Ltd.

The executable KVUMon.exe has been detected as malware by 12 anti-virus scanners.
Publisher:
Jiangmin Co., Ltd.  (signed by Beijing Jiangmin New Sci.&Tec. Co. Ltd.)

Product:
Jiangmin Software

Description:
KVUMon Module

Version:
1, 0, 8, 812

MD5:
49ffa32613c8b722d773d0b2aea2782f

SHA-1:
c71dabfcb8cd2fe20e53c5dd9433bebbb0a09c6f

SHA-256:
e9677fef9c43c9769441c9f565f8268f30064502c0610d6c093e42515775f5e3

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
4/26/2024 11:27:06 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Malware-gen | 2014.9-161212 |
| AVG | Agent3 | 2017.0.2531 |
| Comodo Security | UnclassifiedMalware | 15242 |
| Fortinet FortiGate | W32/Agent2.FJMU!tr | 12/12/2016 |
| G Data | Win32:Malware-gen | 16.12.22 |
| IKARUS anti.virus | Trojan.Win32.Webprefix | t3scan.2.0.0.0 |
| McAfee | Artemis!49FFA32613C8 | 5600.6187 |
| NANO AntiVirus | Trojan.Win32.Agent2.bdlqws | 0.22.8.50287 |
| Quick Heal | Trojan.Agent2.fjmu | 12.16.12.00 |
| Trend Micro House Call | TROJ_GEN.RCBH1K7 | 7.2.347 |
| Vba32 AntiVirus | Trojan.Agent2.elaj | 3.12.20.2 |
| ViRobot | Trojan.Win32.A.Agent.333148 | 2011.4.7.4223 |

File size:
325.3 KB (333,120 bytes)

Product version:
11, 0, 0, 700

Copyright:
Copyright (C) 2009 Jiangmin Co., Ltd. All rights reserved.

Original file name:
KVUMon.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\kvumon.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/13/2007 8:00:00 PM

Valid to:
7/12/2010 7:59:59 PM

Subject:
CN=Beijing Jiangmin New Sci.&Tec. Co. Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Beijing Jiangmin New Sci.&Tec. Co. Ltd., S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0AF99D85F0A11EFF984DCA484E2899A4

File PE Metadata
Compilation timestamp:
8/12/2008 1:25:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x15D64

Entry point:
E8, 23, 64, 00, 00, E9, 17, FE, FF, FF, CC, CC, 68, B0, 4B, 41, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 74, C2, 44, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, C3, B8, AD, CC, 41, 00, A3, 08, CD, 44, 00, C7, 05, 0C, CD, 44, 00, A9, C3, 41, 00, C7, 05, 10, CD, 44, 00...
 

Entropy:
6.2964

Code size:
248 KB (253,952 bytes)
