vpncmgr_x64.exe

SoftEther VPN

SoftEther K.K.

The executable vpncmgr_x64.exe has been detected as malware by 11 anti-virus scanners.
Publisher:
SoftEther Project at University of Tsukuba, Japan.  (signed by SoftEther K.K.)

Product:
SoftEther VPN

Version:
1, 1, 0, 9380

MD5:
7fae8773e62e5aae945ad66bceb67adf

SHA-1:
2f4aef1010e10e4807f9faed804d70a0c12ca041

SHA-256:
bc920107e017991ff3c47cc76530bb0db73a6ff1d2e8e3c041ad3cd44e33e3a7

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
4/19/2024 3:06:02 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Win32.SlugIn.A.Dam | 5691347
avast! | Win32:Patched-HO [Trj] | 160119-0
AVG | Win32/Slugin.A | 2015.0.4489
Dr.Web | infected with Trojan.MulDrop3.48024 | 9.0.1.05190
Emsisoft Anti-Malware | Win32.SlugIn.A.Dam | 10.0.0.5366
F-Prot | W32/Slugin.A.gen!Eldorado (generic, damaged, not disinfectable) | 4.6.5.141
F-Secure | Win32.SlugIn.A.Dam | 5.15.21
Microsoft Security Essentials | Threat.Undefined | 1.213.3850.0
Norman | Win32.SlugIn.A.Dam | 11.01.2016 17:30:26
VIPRE Antivirus | Threat.4314869 | 46444

File size:
4.4 MB (4,592,155 bytes)

Product version:
1, 1, 0, 9380

Copyright:
Copyright (C) 2012-2013 SoftEther Project. All Rights Reserved.

Trademarks:
SoftEther(R) is a registered trademark of SoftEther Corporation in Japan, United Status and People's Republic of China. SoftEther Corporation is a com

Original file name:
vpncmgr_x64.exe

File type:
Executable application (Win64 EXE)

Language:
Japanese

Common path:
C:\Documents and Settings\{user}\My documents\downloads\compressed\softether vpn client\vpncmgr_x64.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
12/26/2012 3:38:18 PM

Valid to:
12/27/2015 3:38:18 PM

Subject:
CN=SoftEther K.K., OU=Research and Development, O=SoftEther K.K., L=Tsukuba, S=Ibaraki, C=JP

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121DC383799851E102BDFA428B96678758E

File PE Metadata
Compilation timestamp:
8/23/2013 10:32:19 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:JuZ3qZzwCqYUI/9nmmHTJ74ng0LqIZ8Em6cSPeLdjbxMSvqQYzpwTMjNRAV3huHy:JSqtZtnFHTNDI2OPeYfj/AV347NWR

Entry address:
0x320B2C

Entry point:
48, 83, EC, 28, E8, DF, 92, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 20, 45, 8B, 18, 48, 8B, DA, 4C, 8B, C9, 41, 83, E3, F8, 41, F6, 00, 04, 4C, 8B, D1, 74, 13, 41, 8B, 40, 08, 4D, 63, 50, 04, F7, D8, 4C, 03, D1, 48, 63, C8, 4C, 23, D1, 49, 63, C3, 4A, 8B, 14, 10, 48, 8B, 43, 10, 8B, 48, 08, 48, 03, 4B, 08, F6, 41, 03, 0F, 74, 0C, 0F, B6, 41, 03, 83, E0, F0, 48, 98, 4C, 03, C8, 4C, 33, CA, 49, 8B, C9, 48, 83, C4, 20, 5B, E9, 3D, 00, 00, 00, CC, 48, 83, EC, 28, 4D, 8B, 41, 38...

Entropy:
6.2454

Code size:
3.2 MB (3,401,216 bytes)

Windows Firewall Allowed Program
Name:
C:\Documents and Settings\Admin\My Documents\Downloads\Compressed\SoftEther VPN Client\vpncmgr_x64.exe

