home

mainservice.exe

ProxyGate

GOLD CLICK LIMITED

The executable mainservice.exe, “PG Control Center” has been detected as malware by 1 anti-virus scanner.
Publisher:
Gold Click Ltd  (signed by GOLD CLICK LIMITED)

Product:
ProxyGate

Description:
PG Control Center

Version:
3.0.0.132

MD5:
d4140708d99a8f9edce0be99d1a79458

SHA-1:
6f86b0c40819785b3f42f4e5dcf8513ba2dff3f8

SHA-256:
99a207e8683d8da8cf23158906e02b1c737da71954eae39af4ae04295f472ede

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/23/2024 4:45:48 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.11.2

File size:
2.2 MB (2,285,664 bytes)

Product version:
3.0.0.132

Copyright:
Gold Click Ltd

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\proxygate\mainservice.exe

Digital Signature
Signed by:
GOLD CLICK LIMITED

Authority:
GlobalSign nv-sa

Valid from:
1/5/2016 11:21:09 AM

Valid to:
4/26/2017 6:17:01 PM

Subject:
CN=GOLD CLICK LIMITED, O=GOLD CLICK LIMITED, S=Surrey, C=GB

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E1CE57747D3AA0E2D8A055EE1FA5696D

File PE Metadata
Compilation timestamp:
2/22/2017 8:06:14 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1D64D4

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 94, D9, 5C, 00, E8, AB, 8A, E3, FF, A1, DC, BE, 5D, 00, 8B, 00, 80, 78, 40, 00, 74, 10, A1, DC, BE, 5D, 00, 8B, 00, E8, F6, 63, FF, FF, 84, C0, 74, 0C, A1, DC, BE, 5D, 00, 8B, 00, 8B, 10, FF, 52, 48, 8B, 0D, 94, BA, 5D, 00, A1, DC, BE, 5D, 00, 8B, 00, 8B, 15, 14, CF, 5C, 00, 8B, 18, FF, 53, 44, A1, DC, BE, 5D, 00, 8B, 00, 8B, 10, FF, 52, 4C, 5B, E8, 40, 38, E3, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6556

Developed / compiled with:
Microsoft Visual C++

Code size:
1.8 MB (1,920,512 bytes)

Remove mainservice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.