home

lovevpn_setup.exe

Anhui Tianda Network Technology Company Limited

The executable lovevpn_setup.exe has been detected as malware by 9 anti-virus scanners. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
LOVEVPN  (signed by Anhui Tianda Network Technology Company Limited)

Version:
1.0.0.0

MD5:
ce33a0af34558cd83342f592ecd4af06

SHA-1:
9ddfa9e3868949804d9d474f244f8c7a105922f1

SHA-256:
3cf0f158ed5515cba0c0781589fd9b120c73e9b202b0c6a602de179e4f873037

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
4/25/2024 4:53:40 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
2014.9-170228

AVG
Generic4_c
2018.0.2453

Comodo Security
UnclassifiedMalware
22111

Fortinet FortiGate
W32/Packed!tr
2/28/2017

McAfee
Generic packed
5600.6109

Norman
Suspicious_Gen2.PUDKB
11.20170228

Trend Micro House Call
TROJ_GEN.R02SC0EJR14
7.2.59

Trend Micro
TROJ_GEN.R02SC0EJR14
10.465.28

VIPRE Antivirus
Trojan.Win32.Generic
40218

File size:
2.4 MB (2,522,608 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\compressed\lovevpn_setup.exe

Digital Signature
Signed by:
Anhui Tianda Network Technology Company Limited

Authority:
VeriSign, Inc.

Valid from:
6/25/2010 2:00:00 AM

Valid to:
6/26/2011 1:59:59 AM

Subject:
CN=Anhui Tianda Network Technology Company Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Anhui Tianda Network Technology Company Limited, L=Hefei, S=Anhui, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
60B31DA2D1BBDCBA4FE92FD97BF86A83

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x116ED0

Entry point:
B8, B4, 8E, 72, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 16, 5D, F9, 61, 1D, 54, 85, 43, 8B, F7, 4C, E2, 58, D4, 81, DE, 23, 00, 00, 00, 97, 89, B6, C8, EB, 98, 12, 6F, 1E, 04, B8, 42, 94, 4D, 57, 18, CC, 5F, 51, 19, CC, 66, A9, A2, 62, 81, 20, 5D, 0A, 9E, 0E, D0, A9, 7C, 72, 5C, F6, 17, 02, D8, 18, D5, 4D, 24, BA, F5, A3, 7C, 00, E0, C5, D8, 7B, 49, C3, 19, 85, AF, D9, 97, 00, 00, 00, 00, 03, BF, 32, DE, CE, 49, 74, 33, 5B...
 
[+]

Entropy:
7.7610

Packer / compiler:
PECompact v2

Code size:
1.1 MB (1,138,688 bytes)

Remove lovevpn_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.