home

pmang_voicechat.exe

Pmangインストールマネージャー

Game On Co.,Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from common.nefficient.jp and multiple other hosts.
Publisher:
GameOn  (signed by Game On Co.,Ltd.)

Product:
Pmangインストールマネージャー

Version:
1.0.1.9

MD5:
e80fe3388bf773c9b8de1e84370c503b

SHA-1:
3277cb37d04f7695460d277440cbe9a46aa0de25

SHA-256:
84709410ba4d887697dfdcd13481de6d8f9f3af2ba1c9e28c9edf740d8ce1144

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/23/2024 6:27:12 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.Injector!6.714
23.00.65.15417

File size:
17.4 MB (18,227,528 bytes)

Product version:
1.0.1.9

Copyright:
(c) GameOn. All rights reserved.

Original file name:
ExecuteInstaller.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pmang_voicechat.exe

Digital Signature
Signed by:
Game On Co.,Ltd.

Authority:
COMODO CA Limited

Valid from:
5/20/2014 9:00:00 AM

Valid to:
5/21/2019 8:59:59 AM

Subject:
CN="Game On Co.,Ltd.", O="Game On Co.,Ltd.", STREET="1-19-19, Ebisu", L=Shibuya-Ku, S=Tokyo, PostalCode=150-0013, C=JP

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D05D748F0EA18CE587EB48972053245F

File PE Metadata
Compilation timestamp:
6/6/2012 7:37:21 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:aAdjCKepfEDJB4JUHNPu4MXlNdNBUwAKA2U2AIxESHAo0:fdjCyX4mU4KlNdNBmKc/IxU

Entry address:
0x2359

Entry point:
55, 8B, EC, 81, EC, 18, 02, 00, 00, A1, F4, 1D, 46, 00, 33, C5, 89, 45, FC, 8D, 85, E8, FD, FF, FF, 50, C7, 85, E8, FD, FF, FF, 94, 00, 00, 00, FF, 15, 88, B3, 44, 00, 83, BD, F8, FD, FF, FF, 02, 73, 4E, 56, 8B, 35, C4, B5, 44, 00, 68, 00, 01, 00, 00, 8D, 85, 7C, FE, FF, FF, 50, 68, A3, 00, 00, 00, 6A, 00, FF, D6, 68, 80, 00, 00, 00, 8D, 85, 7C, FF, FF, FF, 50, 68, A4, 00, 00, 00, 6A, 00, FF, D6, 6A, 10, 8D, 85, 7C, FF, FF, FF, 50, 8D, 85, 7C, FE, FF, FF, 50, 6A, 00, FF, 15, C8, B5, 44, 00, 33, C0, 5E, EB...
 
[+]

Entropy:
7.9937

Developed / compiled with:
Microsoft Visual C++

Code size:
295 KB (302,080 bytes)

The file pmang_voicechat.exe has been seen being distributed by the following 3 URLs.

http://common.nefficient.jp/common/.../pmang_voicechat.exe

http://games.nefficient.jp/games/common/.../pmang_voicechat.exe

http://dl.pmang.jp/games/common/.../pmang_voicechat.exe

Scan pmang_voicechat.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.