» AnVir.exe
Overview
Analysis
File Details
Behaviors (1)

AnVir.exe

AnVir Task Manager Pro

AnVir Software

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.

File name:

AnVir.exe

Publisher:

AnVir Software (signed and verified)

Product:

AnVir Task Manager Pro

Version:

8.5.0.0

MD5:

04d2c1f99f7c8153410adf82b75f4e27

SHA-1:

5652aa2d1f2a16c3b6cd97e8c9dad25b07d8b207

SHA-256:

d4fa3e25e243c28a2566c1740f183709ef4cb04e5fbd0d3c27e983ce09d1bf12

Scanner detections:

4 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

12/26/2024 5:20:00 AM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

Win.Trojan.Tuxido-1

0.98/21511

Dr.Web

Program.Unwanted.1331

9.0.1.0301

Rising Antivirus

Trojan.FakeSys!1.672D (classic)

23.00.65.161025

VIPRE Antivirus

Montiera

53318

File size:

10.3 MB (10,816,368 bytes)

Product version:

8.5.0.0

Trademarks:

AnVir Task Manager Pro

Original file name:

AnVir.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\anvir task manager pro\anvir.exe

Digital Signature

Signed by:

AnVir Software

Authority:

COMODO CA Limited

Valid from:

9/7/2014 5:00:00 PM

Valid to:

9/8/2019 4:59:59 PM

Subject:

CN=AnVir Software, O=AnVir Software, STREET=Altayskaya 29, L=Moscow, S=Moscow, PostalCode=107589, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

6F85C8A03646B0436C69F0B5E018EFBC

File PE Metadata

Compilation timestamp:

6/27/2016 8:22:37 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

98304:dxlaIEbqtUv6BShByB3KoGnT/qAKziinEvYzhdf9nH9RBhFZ2Y5DGLi:YIE3v6B+e3fkiAKziXYzh

Entry address:

0xD4D59

Entry point:

E8, 8F, 04, 00, 00, E9, 80, FE, FF, FF, FF, 25, 48, D8, 4F, 00, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, CA, 05, 00, 00, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, B4, 05, 00, 00, 55, 8B, EC, 83, 25, 54, 08, CD, 00, 00, 83, EC, 2C, 53, 33, DB, 43, 09, 1D, 7C, 84, A4, 00, 6A, 0A, E8, 0E, 53, 01, 00, 85, C0, 0F, 84, 74, 01, 00, 00, 83, 65, EC, 00, 33, C0, 83, 0D, 7C, 84, A4, 00, 02, 33, C9, 56, 57, 89, 1D, 54, 08, CD, 00... 
[+]

Entropy:

6.0426

Code size:

1007 KB (1,031,168 bytes)

Scheduled Task

Task name:

AnVir Task Manager

Trigger:

Logon (Runs on logon)

Scan AnVir.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.