Strongvault.exe

Strongvault Online Backup

Strongvault Online Storage LLC

The application Strongvault.exe by Strongvault Online Storage, described as “This installer database contains the logic and data required to install Strongvault Online Backup.”, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from cdn.airdlr1.com.
Publisher:
Strongvault  (signed by Strongvault Online Storage LLC)

Product:
Strongvault Online Backup

Description:
This installer database contains the logic and data required to install Strongvault Online Backup.

Version:
2.1.1.0

MD5:
313b7e19df1378ef7cde4afd52db1dd9

SHA-1:
f58f4f4cac03f53cf158baf35fe20d83ccf7d8cc

SHA-256:
61378d7250b6bcefca2fea84367719876f5148bf1040cf8d24383b085cbdc027

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
1/24/2025 10:23:30 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.Installer.L

Engine version:
14.3.31.16

File size:
12.8 MB (13,428,624 bytes)

Product version:
2.1.1.0

Copyright:
Copyright (C) Strongvault

Original file name:
Strongvault.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\strongvault.exe

Digital Signature
Subject:
CN=Strongvault Online Storage LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Strongvault Online Storage LLC, L=newport beach, S=California, C=US

Serial number:
48A7245B07D6ADFDDD6F3FAC024F13AF

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
393216:Si5jLyCzI8UTIrOsEV9K6lEjOPaQTQwMb:S0nUTIyBFlEjOBK

Entry point:
E8, 30, 9F, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 55, 08, 53, 56, 57, 33, FF, 3B, D7, 74, 07, 8B, 5D, 0C, 3B, DF, 77, 1E, E8, 88, 3A, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 11, 3A, 00, 00, 83, C4, 14, 8B, C6, 5F, 5E, 5B, 5D, C3, 8B, 75, 10, 3B, F7, 75, 07, 33, C0, 66, 89, 02, EB, D4, 8B, CA, 0F, B7, 06, 66, 89, 01, 41, 41, 46, 46, 66, 3B, C7, 74, 03, 4B, 75, EE, 33, C0, 3B, DF, 75, D3, 66, 89, 02, E8, 3F, 3A, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, B3, 8B, FF, 55, 8B, EC, 83, EC...
 

Entropy:
7.9824  (probably packed)

The file Strongvault.exe has been seen being distributed by the following URL.
