vmnetdrv32.exe

Atom Security OOO

The application vmnetdrv32.exe, “Network Maintenance Service” by Atom Security OOO, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
RapidLights, Inc.  (signed by Atom Security OOO)

Description:
Network Maintenance Service

Version:
5.8.2422.0

MD5:
f02be5ff4a997960f95b00ae70aa33d3

SHA-1:
df22086ec53dc0f67be582272a8c205493928b43

SHA-256:
55d47ace2b3c2ff1c628eaf81b98179fc04b630815d49c6c88ec8c86f10e15e6

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/28/2024 4:32:51 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.AtomSecu

Engine version:
17.2.18.8

File size:
65.8 MB (69,028,032 bytes)

Product version:
5.8.0.0

Copyright:
Copyright (C) 2016 RapidLights, Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\syswow64\timecontrolsvc\vmnetdrv32.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/4/2015 5:30:00 AM

Valid to:
6/4/2018 5:29:59 AM

Subject:
CN=Atom Security OOO, OU=development, O=Atom Security OOO, STREET="Academician Koptyuga Prospect, 4,office 158", L=Novosibirsk, S=nso, PostalCode=630090, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2F74D159839B911DB6F1DFF991E70893

File PE Metadata
Compilation timestamp:
12/4/2016 6:58:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

Entry address:
0xC129A0

Entry point:
55, 8B, EC, E8, 08, 41, 05, 00, E8, 93, FD, FF, FF, 5D, C3, CC, 55, 8B, EC, 8B, 45, 08, 8B, 4D, 0C, 89, 08, 5D, C3, CC, CC, CC, 55, 8B, EC, 51, A1, 7C, 2B, 4E, 04, 89, 45, FC, 8B, 4D, 0C, F7, D1, 23, 4D, FC, 8B, 55, 08, 23, 55, 0C, 0B, CA, 89, 0D, 7C, 2B, 4E, 04, 8B, 45, FC, 8B, E5, 5D, C3, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 51, C7, 45, FC, 00, 00, 00, 00, A1, 7C, 2B, 4E, 04, 83, E0, 01, 74, 0A, 6A, 0A, E8, B4, CA, 00, 00, 83, C4, 04, E8, 1C, 35, FE, FF, 89, 45, FC, 83, 7D, FC, 00, 74, 0A, 6A, 16, E8...
 

Entropy:
4.8297

Developed / compiled with:
Microsoft Visual C++

Code size:
14.1 MB (14,793,216 bytes)
