home

VpnConf.exe

TheGreenBow VPN Client

TheGreenBow

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘TgbVpn’. This is installed with TheGreenBow IPSec VPN Client.
Publisher:
TheGreenBow  (signed and verified)

Product:
TheGreenBow VPN Client

Version:
5.06

MD5:
9abd531ac4ca2b3650f8d646982ed83b

SHA-1:
86960304e486720f5fb3e6e8341c2df94e1c98c4

SHA-256:
30e8e180d87072668e74c0445dd2ce7e95a14a059f48bc1397c85fbbb2cc8faf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 11:57:51 AM UTC  (today)

File size:
519.6 KB (532,024 bytes)

Product version:
5.06

Copyright:
© TheGreenBow 2011. All rights reserved.

Trademarks:
TheGreenBow

Original file name:
VpnConf.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\thegreenbow\thegreenbow vpn\vpnconf.exe

Digital Signature
Signed by:
TheGreenBow

Authority:
VeriSign, Inc.

Valid from:
9/1/2010 2:00:00 AM

Valid to:
9/1/2011 1:59:59 AM

Subject:
CN=TheGreenBow, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TheGreenBow, L=Paris, S=Paris, C=FR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
308EC2493F569511F3A44763677F86F9

File PE Metadata
Compilation timestamp:
7/20/2011 5:56:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:ii8qEoXochK3yNpGpx9h7+wP5Emp6AY1gzJJlhB2nt+37:iW7ZpGppawbp6AY1gQU7

Entry address:
0x190400

Entry point:
60, BE, 00, 00, 52, 00, 8D, BE, 00, 10, EE, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Packer / compiler:
UPX 2.90LZMA

Code size:
452 KB (462,848 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TgbVpn

Command:
"C:\Program Files\thegreenbow\thegreenbow vpn\vpnconf.exe"


The file VpnConf.exe has been discovered within the following program.

TheGreenBow IPSec VPN Client  by TheGreenBow
www.thegreenbow.com
About 1% of users remove it
 
Powered by Should I Remove It?

Scan VpnConf.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.