home

nmanager.exe

DRPU Software Private Limited

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DRPU Network Manager’.
Publisher:
DRPU Software Pvt. Ltd.  (signed by DRPU Software Private Limited)

Version:
4. 0. 1. 6

MD5:
e6bccbf9f89f78d27af44b0097b956a6

SHA-1:
2db593c4330506f154a1ebb941f09bb5543b3ea9

SHA-256:
762f317f0cc7cf1b019e42fea3cf75f20ccf828c3081daa3b5bb6cc570e71b1c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:23:05 PM UTC  (today)

File size:
1.5 MB (1,596,272 bytes)

Product version:
4. 0. 1. 6

Copyright:
Copyright © 2007-2010. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\drpu network manager - server_demo\nmanager.exe

Digital Signature
Signed by:
DRPU Software Private Limited

Authority:
The USERTRUST Network

Valid from:
9/8/2010 5:30:00 AM

Valid to:
9/8/2013 5:29:59 AM

Subject:
CN=DRPU Software Private Limited, OU=Software Development, O=DRPU Software Private Limited, STREET=J-80 Patel Nagar - 1, L=Ghaziabad, S=UP, PostalCode=201001, C=IN

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
008DCDF20944D85EEBBD5FFE8E4D159B97

File PE Metadata
Compilation timestamp:
2/6/2010 4:59:07 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:3J/CujqZETRl/htp29ccIkSvFlIn9eghLMYMqf:E8qXccIkSvFlIn9eghLMSf

Entry address:
0x9AB80

Entry point:
8B, FF, 55, 8B, EC, E8, 66, DD, 00, 00, E8, 11, 00, 00, 00, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 6A, FE, 68, E0, 13, 50, 00, 68, 60, 0A, 4A, 00, 64, A1, 00, 00, 00, 00, 50, 83, C4, 94, 53, 56, 57, A1, F0, 6F, 50, 00, 31, 45, F8, 33, C5, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, C7, 45, 90, 00, 00, 00, 00, C7, 45, FC, 00, 00, 00, 00, 8D, 45, A0, 50, FF, 15, 10, 33, 4D, 00, C7, 45, FC, FE, FF, FF, FF, EB, 26, B8, 01, 00, 00, 00, C3, 8B, 65, E8, C7...
 
[+]

Entropy:
5.8971

Code size:
836.5 KB (856,576 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DRPU Network Manager

Command:
C:\Program Files\drpu network manager - server_demo\nmanager.exe


Scan nmanager.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.