home

mfahq.exe

PureVPN

GZ Systems Limited

Publisher:
GZ Systems Limited  (signed and verified)

Product:
PureVPN

Description:
PureVPN

Version:
5.17

MD5:
7dddbc674572e34ed867fd0898c7a514

SHA-1:
182140d49dfac601f4537f5a6146bda3d120db82

SHA-256:
8fa7dc537bab0fc3c77b651338bd1f62b109eb701f2ffe5d9de7f31196202694

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/15/2024 12:51:55 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/GenKryptik.UAU trojan
6.3.12010.0

Kaspersky
Worm.Win32.WBNA
15.0.2.529

File size:
539.3 KB (552,224 bytes)

Product version:
5.17

Copyright:
Copyright © 2014

Original file name:
PureVPN.exe

File type:
Executable application (Win32 EXE)

Language:
Chinski (tradycyjny, Makau SAR)

Common path:
C:\users\{user}\appdata\local\temp\mfahq.exe

Digital Signature
Signed by:
GZ Systems Limited

Authority:
DigiCert Inc

Valid from:
5/13/2014 2:00:00 AM

Valid to:
7/19/2017 2:00:00 PM

Subject:
CN=GZ Systems Limited, O=GZ Systems Limited, L=Central, C=HK

Issuer:
CN=DigiCert SHA2 High Assurance Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0D94FD9B035C215F088C6CAB021E3FF6

File PE Metadata
Compilation timestamp:
2/8/2017 1:21:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1194

Entry point:
68, 44, F8, 45, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, AA, E1, 3C, 19, 4B, C6, 34, 4B, 9D, E0, A6, 77, 37, 89, FC, 0F, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 41, 00, 20, 08, 41, 00, 76, 62, 34, 70, 72, 6F, 6A, 65, 63, 74, 56, 62, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 00, 2A, 5C, D1, 3A, F6, 03, 0D, 44, 97, 4B, 9B, 96, 2E, 6B, C8, 62, 56, CE, 85, 69, C7, 49, 37, 45, A9, AB, A0, 97, E3, 73, D7, E4, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
388 KB (397,312 bytes)

Scan mfahq.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.