» proxpn_upgrader.exe
Overview
Analysis
File Details

proxpn_upgrader.exe

proXPN Direct, LLC

File name:

proxpn_upgrader.exe

Publisher:

proXPN Direct, LLC (signed and verified)

MD5:

37265ce1aa7f00757ad66fd5ff2bf442

SHA-1:

906cfd9086b53f1028c3a22e7b25d4d6606dbed6

SHA-256:

8de9e3c16c70cc66661d52d3d564048bc48784dc389a0883d3cae11dbca8be26

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/24/2024 4:59:56 AM UTC (today)

Scan engine

Detection

Engine version

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.3

File size:

186 KB (190,504 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\proxpn\bin\proxpn_upgrader.exe

Digital Signature

Signed by:

proXPN Direct, LLC

Authority:

GlobalSign nv-sa

Valid from:

3/12/2010 3:16:57 AM

Valid to:

3/13/2011 3:16:51 AM

Subject:

CN="proXPN Direct, LLC", O="proXPN Direct, LLC", L=Winter Springs, S=FL / Seminole, C=US

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000012750891A64

File PE Metadata

Compilation timestamp:

12/24/2010 2:32:09 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

CTPH (ssdeep):

3072:sY66ZDR1O5h3rR7ULsowvMmDDTVbUOZqSj0jwr73R93YtBjD:J6o1sQLsoaMmzVbHpAjD

Entry address:

0xD20A

Entry point:

E8, 39, 4E, 00, 00, E9, 41, FE, FF, FF, 8B, 4C, 24, 04, 53, 56, 57, 33, FF, 3B, CF, 74, 08, 8B, 5C, 24, 14, 3B, DF, 77, 1B, E8, B7, 19, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 41, 04, 00, 00, 83, C4, 14, 8B, C6, EB, 38, 8B, 74, 24, 18, 3B, F7, 75, 05, 66, 89, 39, EB, D8, 8B, D1, 0F, B7, 06, 66, 89, 02, 42, 42, 46, 46, 66, 3B, C7, 74, 03, 4B, 75, EE, 3B, DF, 75, 11, 66, 89, 39, E8, 74, 19, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, B9, 33, C0, 5F, 5E, 5B, C3, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39... 
[+]

Entropy:

6.3939

Code size:

132 KB (135,168 bytes)

Scan proxpn_upgrader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.