VMASK.exe

VMASK -- ViewMove Automation Software Kernel

視動自動化科技 ViewMove Technologies, Inc.

The executable VMASK.exe has been detected as malware by 11 anti-virus scanners.
Publisher:
視動自動化科技 ViewMove Technologies, Inc.

Product:
VMASK -- ViewMove Automation Software Kernel

Version:
2.7.16.630

MD5:
484b12896c63b59a6af7a0ee136a47b6

SHA-1:
32c9c09235a2e62033a092a093733f71e4633736

SHA-256:
84478b35dcd8247e8410ee19ad4ebf7ad59ca737b7280439520a8c6c2b21439d

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
11/29/2024 4:30:15 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Trojan.Heur2.JP.hv0bauboTEij
-40

Arcabit
Trojan.Heur2.JP.hv0bauboTEij
1.0.0.741

avast!
Win32:Evo-gen [Susp]
2014.9-170316

AVG
aspack,nupx
2018.0.2438

Bitdefender
Gen:Trojan.Heur2.JP.hv0bauboTEij
1.0.20.375

Emsisoft Anti-Malware
Gen:Trojan.Heur2.JP.hv0bauboTEij
8.17.03.16.03

F-Secure
Gen:Trojan.Heur2.JP.hv0bauboTEij
11.2017-16-03_5

G Data
Gen:Trojan.Heur2.JP.hv0bauboTEij
17.3.25

MicroWorld eScan
Gen:Trojan.Heur2.JP.hv0bauboTEij
18.0.0.225

Qihoo 360 Security
QVM13.0.Malware.Gen
1.0.0.1120

Sophos
Mal/HckPk-A
4.98

File size:
1.1 MB (1,174,528 bytes)

Product version:
2.7.16.630

Copyright:
2001-2016 (c) ViewMove Technologies, Inc.

Trademarks:
VMASK (TM) by ViewMove Technologies, Inc.

Original file name:
VMASK.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/30/2016 3:34:50 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

Entry address:
0x3D5001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 50, 3D, 00, 83, BD, 88, 04, 00, 00, 00, 89, 9D, 88, 04, 00, 00, 0F, 85, CB, 03, 00, 00, 8D, 85, 94, 04, 00, 00, 50, FF, 95, A9, 0F, 00, 00, 89, 85, 8C, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, A5, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74...
 
[+]

Entropy:
6.9615

Packer / compiler:
ASPack v2.12

Code size:
444 KB (454,656 bytes)

Windows Firewall Allowed Program
Name:
vmask -- viewmove automation software kernel


Remove VMASK.exe - Powered by Reason Core Security