» networkcfg.exe
Overview
Analysis
File Details

networkcfg.exe

Anyplace Control

Yuriy Honcharuk

File name:

networkcfg.exe

Publisher:

Anyplace Control Software (signed by Yuriy Honcharuk)

Product:

Anyplace Control

Description:

Anyplace Control www.anyplace-control.com

Version:

5.4.0.0

MD5:

8c7c7692b286e2f2226cb5c556344e55

SHA-1:

020e947faf9260232bc6734a3a6808048c4dbe2a

SHA-256:

702c52e291b5054fd8d4a132550a054dceda80fe2c453a549adfab3b01778d28

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/18/2024 11:44:53 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Dr.Web

infected with Trojan.DownLoad3.12898

9.0.1.05190

ESET NOD32

Win32/TrojanDropper.Delf.OLQ trojan

7.0.302.0

File size:

2.8 MB (2,944,928 bytes)

Product version:

5.4

Original file name:

apc_Admin.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\windows\networkcfg.exe

Digital Signature

Signed by:

Yuriy Honcharuk

Authority:

COMODO CA Limited

Valid from:

6/14/2011 5:30:00 AM

Valid to:

6/14/2012 5:29:59 AM

Subject:

CN=Yuriy Honcharuk, O=Yuriy Honcharuk, STREET="Geroev Stalingrada 13-A, ap. 275", L=Kiev, S=Ukraine, PostalCode=04210, C=UA

Issuer:

CN=COMODO Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

009F68BEA6185B7BFB2C506308DD5ED90E

File PE Metadata

Compilation timestamp:

6/20/1992 3:52:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:95pmXXNdR811d7k84VcUaQkWpsRjtym27vk2j1d4+E1/y:Fi81d7k7ppsRjtKMy1dxE1/y

Entry address:

0x7B7BDD

Entry point:

E8, 3B, FF, FF, FF, 05, 30, 2E, 00, 00, FF, E0, E8, 2F, FF, FF, FF, 05, 3A, 05, 00, 00, FF, E0, E8, 04, 00, 00, 00, FF, FF, FF, FF, 5E, C3, 00, 06, 83, D8, 9D, 53, FA, 8B, 93, D6, 58, 86, 6F, F8, 22, AC, A0, 78, 5D, 1F, C8, 20, 3B, 17, BF, 31, 88, 85, 98, 3B, 93, C8, A1, 8F, 03, 4B, 6D, 61, 58, 5D, 16, 77, 43, EB, CE, 10, 10, 7F, 4F, EB, EA, A0, 83, 00, 01, F0, 76, E9, 35, 5C, 97, 55, 6A, F8, F7, 57, ED, 36, 43, 0D, 93, 1E, 65, DB, C1, DC, E0, EA, A5, 38, F3, 84, 22, F3, 26, 68, 84, 2C, A8, 36, ED, DD, 3E... 
[+]

Entropy:

7.6764

Code size:

2.7 MB (2,849,280 bytes)

Scan networkcfg.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.