home

PwdManager.exe

Password Manager XP

Pavlo Matviienko

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘PasswordManagerXP’. This is installed with Password Manager XP.
Publisher:
CP Lab  (signed by Pavlo Matviienko)

Product:
Password Manager XP

Version:
3.2.0.614

MD5:
a4651075fe0fc15e43c21adeb3a25bde

SHA-1:
ff512953aa2b29b552ade84017be056798cedff0

SHA-256:
685ed5d02497ce5906d00a3fdcbac2e14caf6b7eb87afcfd3016fcee944e93d7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 9:10:53 PM UTC  (today)

File size:
1.7 MB (1,821,008 bytes)

Product version:
3.2

Copyright:
(C) 2002-2014 by CP Lab

Original file name:
PwdManager.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\password manager xp\pwdmanager.exe

Digital Signature
Signed by:
Pavlo Matviienko

Authority:
StartCom Ltd.

Valid from:
8/19/2012 2:39:30 PM

Valid to:
8/21/2014 9:54:15 AM

Subject:
E=pavel.matvienko@cp-lab.com, CN=Pavlo Matviienko, L=Kiev, S=Kyyiv, C=UA, Description=lPEE8tQM8d41CxsR

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0702

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:QkA4eyfHwxmg+PZxzKi/NuNkr1uf1wR1Dh9+u6APMS2OHbsxfi/m5HP2KoBtigOO:QkgxmgKDnFuNqsK6oPMSCfEmtPlCLOKx

Entry address:
0x1BB11F

Entry point:
E9, A5, 1B, FF, FF, 1C, 1E, 03, 9E, 6C, 87, 07, 3C, 19, FB, 82, 6F, E8, 5C, 51, ED, 62, 02, FD, 83, EC, 10, 53, 56, 57, E8, C4, 01, 00, 81, F9, 6F, 7E, 27, 5E, E9, 8F, AD, FC, FF, 55, E9, EC, 7F, 00, 00, 50, E8, 27, 5B, FE, FF, C9, 24, 33, 56, 1D, BC, 2B, 80, E8, 06, 51, FF, FF, B1, 2E, 42, 07, 81, E0, C1, AC, FE, 53, 81, C8, D4, 8F, BB, 3A, E8, 18, 1B, FC, FF, 3A, 25, 23, 10, 9E, 05, 30, B0, E8, 7E, AF, FF, FF, 5A, C3, AF, CB, AB, 05, D0, F4, E9, 77, 47, FC, FF, E8, CA, C9, FD, FF, 92, A8, 24, 24, C2, 05...
 
[+]

Entropy:
6.8567

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
928.5 KB (950,784 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PasswordManagerXP

Command:
"C:\Program Files\password manager xp\pwdmanager.exe" \min


The file PwdManager.exe has been discovered within the following program.

Password Manager XP  by CP Lab
Publisher's description - “Password Manager eXtra Potection (XP) is a convenient software application for storing passwords, access codes, social security and credit card numbers and other valuable information that needs protection. It will be your passwords and secrets keeper.”
www.cp-lab.com
8% remove it
 
Powered by Should I Remove It?

Scan PwdManager.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.