cfgmng32.exe

PureSight Technologies Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘dvHighMem’.

Publisher:
PureSight Technologies Ltd (signed and verified)

Description:
cfgmng32.exe

Version:
2012,1,59

MD5:
734288e77abe579c0dc89f15e1384a24

SHA-1:
c71bb7e960885e0410838cee6d08f78e75c9ba18

SHA-256:
e166ee4c3c10f6ba0dddb904399f423e4a117a2c81aeeced53b6bfc0dcbe851e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 1:29:43 PM UTC

File size:
3.8 MB (3,976,208 bytes)

Product version:
2012,1,59

Copyright:
Copyright © 2011

Original file name:
cfgmng32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\cfgmng32.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
1/4/2017 5:30:00 AM

Valid to:
2/4/2018 5:29:59 AM

Subject:
CN=PureSight Technologies Ltd, O=PureSight Technologies Ltd, L=Kfar Saba, S=Israel, C=IL

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
063DE44B40B4591AC9CD3DDAD870F802

File PE Metadata
Compilation timestamp:
1/16/2017 4:34:12 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x20F198

Entry point:
E8, 87, 10, 00, 00, E9, 80, FE, FF, FF, 3B, 0D, EC, C0, 75, 00, F2, 75, 02, F2, C3, F2, E9, 4A, 06, 00, 00, 55, 8B, EC, F6, 45, 08, 01, 56, 8B, F1, C7, 06, B4, 97, 70, 00, 74, 0A, 6A, 0C, 56, E8, 07, 08, 00, 00, 59, 59, 8B, C6, 5E, 5D, C2, 04, 00, 55, 8B, EC, 8B, 45, 08, 56, 8B, 48, 3C, 03, C8, 0F, B7, 41, 14, 8D, 51, 18, 03, D0, 0F, B7, 41, 06, 6B, F0, 28, 03, F2, 3B, D6, 74, 19, 8B, 4D, 0C, 3B, 4A, 0C, 72, 0A, 8B, 42, 08, 03, 42, 0C, 3B, C8, 72, 0C, 83, C2, 28, 3B, D6, 75, EA, 33, C0, 5E, 5D, C3, 8B, C2...
 

Entropy:
6.6078

Code size:
2.8 MB (2,958,848 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
dvHighMem

Command:
C:\windows\cfgmng32.exe

