vmprotect_con.exe

VMProtect

Ivan Yurievich Permyakov IP

The application vmprotect_con.exe by Ivan Yurievich Permyakov IP has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
VMProtect Software  (signed by Ivan Yurievich Permyakov IP)

Product:
VMProtect

Version:
2.1.1.6180

MD5:
f4da0cdd9d241988bab77f9b92d98fbf

SHA-1:
95064fca8a9f3285d83cd62be3912f5f0982b6aa

SHA-256:
b0fa0d15f63d06b46528dd5d274beb73a552f8cef73fd32a3f6448866756860f

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/26/2024 5:01:11 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.12.21.18

File size:
4.8 MB (5,074,552 bytes)

Product version:
2.11

Copyright:
Copyright 2003-2012 VMProtect Software

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\vmprotect ultimate\vmprotect_con.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/26/2012 5:00:00 PM

Valid to:
3/27/2013 4:59:59 PM

Subject:
CN=Ivan Yurievich Permyakov IP, O=Ivan Yurievich Permyakov IP, STREET="8 Marta str, 194-236", L=Ekaterinburg, S=Sverdlovskaya oblast, PostalCode=620144, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4A7C90ECFD30D2E76C561C688CF7613F

File PE Metadata
Compilation timestamp:
4/3/2012 5:37:12 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

Entry address:
0xAEE184

Entry point:
68, 12, 87, 37, A7, C7, 04, 24, 7D, A3, 81, A2, 9C, E9, 92, 04, C4, FF, 8C, 31, AA, 2A, BB, 86, 1F, 47, BE, 3F, 99, D8, B7, 43, 1C, 79, F2, A5, 28, 4D, D2, 50, C3, 99, 14, 9A, 09, AF, 24, 2B, A0, E1, 66, 37, B0, FD, 7E, 17, 8C, 5F, D8, 80, 00, 85, DD, 6D, F8, C1, F7, D1, 3A, 5D, 04, 9F, C7, 6D, 1C, 0D, 1C, 14, 1F, E2, BA, BE, 2B, 12, 87, DF, 33, EA, 13, 40, C5, 32, A9, 0C, F1, A9, D0, 55, 0D, C9, 4C, 14, E5, 60, 38, D3, 72, 70, F7, AF, 9D, 12, 1D, 92, 8F, 0E, 51, 9E, 34, AB, CA, AD, A2, 7D, 02, CF, A8, D9...
 

Entropy:
7.9982  (probably packed)

Code size:
1.4 MB (1,453,568 bytes)
