konturvncservice.exe

SKB Kontur

It runs as a separate (within the context of its own process) windows Service named “KonturVNCservice”.
Publisher:
SKB Kontur  (signed and verified)

MD5:
6d57c739fd18fa444192b550bdb5609b

SHA-1:
f59ef43105cd9ed78ddbc8881b7d29b49a295037

SHA-256:
5c971ab232f3b55129a1bab0217442c42858f816e67ff4d1c119ed4eff0330a3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 5:13:50 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan.Inject
t3scan.1.6.1.0

File size:
54.3 KB (55,624 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\retun\konturvncservice.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/10/2010 5:00:00 AM

Valid to:
11/9/2013 4:59:59 AM

Subject:
CN=SKB Kontur, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SKB Kontur, L=Ekaterinburg, S=Ural Region, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1A27EA0DF05D9922D534CF51E8626BE2

File PE Metadata
Compilation timestamp:
8/9/2013 4:36:11 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x17F1

Entry point:
E8, E4, 28, 00, 00, E9, 89, FE, FF, FF, B8, 18, C0, 40, 00, C3, A1, C0, EB, 40, 00, 56, 6A, 14, 5E, 85, C0, 75, 07, B8, 00, 02, 00, 00, EB, 06, 3B, C6, 7D, 07, 8B, C6, A3, C0, EB, 40, 00, 6A, 04, 50, E8, 92, 29, 00, 00, 59, 59, A3, A0, DB, 40, 00, 85, C0, 75, 1E, 6A, 04, 56, 89, 35, C0, EB, 40, 00, E8, 79, 29, 00, 00, 59, 59, A3, A0, DB, 40, 00, 85, C0, 75, 05, 6A, 1A, 58, 5E, C3, 33, D2, B9, 18, C0, 40, 00, EB, 05, A1, A0, DB, 40, 00, 89, 0C, 02, 83, C1, 20, 83, C2, 04, 81, F9, 98, C2, 40, 00, 7C, EA, 6A...
 
[+]

Code size:
29.5 KB (30,208 bytes)

Service
Display name:
KonturVNCservice

Description:
Provide remote tunnel to access this computer

Type:
Win32OwnProcess


Scan konturvncservice.exe - Powered by Reason Core Security