home

vip72socks.exe

VIP72 Proxy Tunneling Client

Ivan Lisin

Publisher:
VIP Technologies  (signed by Ivan Lisin)

Product:
VIP72 Proxy Tunneling Client

Version:
1.6.1.0

MD5:
f314e5dbd84ba3ff9e58f0c257393b90

SHA-1:
e1ca7fe42bcf0536aaac9b2f6115ff0e6f9036fa

SHA-256:
8970607ebd4faa8def9235c55de8a3d8cee23d5846299382fb5b17150d914a03

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 1:52:52 AM UTC  (today)

File size:
1.3 MB (1,347,736 bytes)

Copyright:
Copyright © 2001-2012, CS/VTECH

Original file name:
vip72socks.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\vip72socks.exe

Digital Signature
Signed by:
Ivan Lisin

Authority:
COMODO CA Limited

Valid from:
6/8/2012 7:00:00 AM

Valid to:
6/9/2013 6:59:59 AM

Subject:
CN=Ivan Lisin, O=Ivan Lisin, STREET="Lipetskaya, 30-93", L=Moscow, S=Moscow, PostalCode=115404, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00AC64C9175510AB178459C265EE394F54

File PE Metadata
Compilation timestamp:
1/19/2013 11:23:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
6144:0Q7SEth/g/GQrS5XqStkopPVOYBycDHNLgktUhP1B7VATaDHM7YqRPbxsvoGIsqu:0wM/GQrb4kopPVOYBycDHNLgegi0

Entry address:
0x1000

Entry point:
6A, 00, E8, 33, EB, 00, 00, A3, 69, EF, 41, 00, E8, 0B, EB, 00, 00, 50, 68, 19, EC, 41, 00, E8, CC, EB, 00, 00, 68, 19, EC, 41, 00, E8, CE, EB, 00, 00, 6A, 08, 68, DE, 87, 41, 00, 50, 68, 19, EC, 41, 00, 6A, 00, E8, 42, 1F, 00, 00, 83, F8, FF, 74, 07, C6, 05, 19, EE, 41, 00, 01, 68, 19, EC, 41, 00, E8, A4, EB, 00, 00, 6A, 04, 68, D9, 87, 41, 00, 50, 68, 19, EC, 41, 00, 6A, 00, E8, 18, 1F, 00, 00, 83, F8, FF, 74, 09, 66, C7, 05, EA, 94, 41, 00, 0E, 00, 68, 19, EC, 41, 00, E8, 78, EB, 00, 00, 6A, 09, 68, E9...
 
[+]

Entropy:
3.9205

Code size:
81 KB (82,944 bytes)

Scan vip72socks.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.