home

dm_dn.exe

wisemop Inc.

The application dm_dn.exe by wisemop has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
wisemop Inc.  (signed and verified)

Version:
1.0.0.0

MD5:
36a9a79f67238f8ac043f548c58ea3d0

SHA-1:
c3822ad3a5329e1f3c0435a9e32db9511a0bc949

SHA-256:
8d6e1210921c2954da426042025cce8f42ecd685a5a2e260801f7298ea040da3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/27/2024 4:49:02 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.11.20.17

File size:
584.2 KB (598,192 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\dual matching\dm_dn.exe

Digital Signature
Signed by:
wisemop Inc.

Authority:
Thawte, Inc.

Valid from:
1/11/2012 9:00:00 AM

Valid to:
2/10/2013 8:59:59 AM

Subject:
CN=wisemop Inc., OU=EC Team, O=wisemop Inc., L=Yongin-si, S=Gyeonggi-do, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
29A927A9A5CB57EA6AC3B26C7FA9142D

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:alnkAwf7CZNdqwK9rRXvJ5L09op4ZljnS7CPEl0:a+vCZNdy99/Jt0+p4ZljnaCPS0

Entry address:
0x77958

Entry point:
55, 8B, EC, 83, C4, F0, B8, D0, 75, 47, 00, E8, DC, ED, F8, FF, A1, BC, 9A, 47, 00, 8B, 00, E8, B4, 15, FE, FF, A1, BC, 9A, 47, 00, 8B, 00, C6, 40, 5B, 00, 8B, 0D, 54, 9C, 47, 00, A1, BC, 9A, 47, 00, 8B, 00, 8B, 15, 7C, 53, 47, 00, E8, A9, 15, FE, FF, A1, BC, 9A, 47, 00, 8B, 00, E8, 1D, 16, FE, FF, E8, 94, C9, F8, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6464

Developed / compiled with:
Microsoft Visual C++

Code size:
474.5 KB (485,888 bytes)

Remove dm_dn.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.