datamngrui.exe

Bandoo Media, Inc

The application datamngrui.exe by Bandoo Media, Inc has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DATAMNGR’. This file is typically installed with the program SearchCore for Browsers by Bandoo Media Inc which is a potentially unwanted software program.
Publisher:
Bandoo Media, Inc  (signed and verified)

MD5:
6870ef16342ba91cf3acdb056036689a

SHA-1:
d9a3e5fad6cbdc7e276e84310eb578d77924dbcb

SHA-256:
273e7e91cfd5381665706db23628b5ff8da290a489e43ac823158dad7475fbfe

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 11:26:40 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
17.3.10.12

File size:
1.6 MB (1,700,752 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\searchcore for browsers\searchcore for browsers\datamngrui.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
11/3/2010 9:00:00 AM

Valid to:
11/3/2012 8:59:59 AM

Subject:
CN="Bandoo Media, Inc", O="Bandoo Media, Inc", L=Panama City, S=Panama, C=PA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7AD02DB75E76EA8D8CF4A4D1C2591229

File PE Metadata
Compilation timestamp:
10/2/2011 8:13:44 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0xF9698

Entry point:
E8, 49, B8, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A4, 01, 00, 00, 81, F9, 00, 01, 00, 00, 72, 1F, 83, 3D, 08, 39, 55, 00, 00, 74, 16, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 08, 5E, 5F, 5D, E9, 0C, B9, 00, 00, F7, C7, 03, 00, 00, 00, 75, 15, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 2A, F3, A5, FF, 24, 95, 24, 98, 4F, 00, 90, 8B, C7, BA, 03...
 
[+]

Entropy:
6.1672

Code size:
1.1 MB (1,173,504 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DATAMNGR

Command:
C:\Program Files2\search~1\search~1\datamn~1.exe


The file datamngrui.exe has been discovered within the following program.

SearchCore for Browsers  by Bandoo Media Inc
Bandoo SearchCore for Browsers is a search supported web browser plugin for MSN messenger, Gmail, Facebook and some other popular instant messaging applications and web services designed to enriche chat conversations and email messages.
www.bandoo.com
87% remove it
 
Powered by Should I Remove It?

Remove datamngrui.exe - Powered by Reason Core Security