vmntoolbarsetup.exe

VMN Toolbar

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application vmntoolbarsetup.exe by Visicom Media has been detected as a potentially unwanted program by 9 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.
Publisher:
Visicom Media Inc.  (signed and verified)

Product:
VMN Toolbar

Version:
1.7

MD5:
d8de8c637e790121cd850489c03e3f7f

SHA-1:
fd5d2826bd8aa2a39ededefc35da1cbc8542abe2

SHA-256:
cc209731601f21b12cb9501305d3cb48fc8ecf68d17f47008b7865f62e6c32df

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
11/14/2024 2:59:43 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Adware.MegaSearch
7.1.1

Avira AntiVirus
DR/MegaSearch.N.25
7.11.117.240

McAfee
Generic PUP.x
5600.6757

Panda Antivirus
Adware/Naupoint
15.05.23.09

Quick Heal
AdWare.MegaSearch.n.n8 (Not a Virus)
5.15.12.00

Reason Heuristics
PUP.Visicom.VMNToolbar.Installer
15.5.23.9

Trend Micro House Call
TROJ_GEN.RCBZ2JS
7.2.143

Trend Micro
TROJ_GEN.RCBZ2JS
10.465.23

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.24.3

File size:
2 MB (2,046,112 bytes)

Copyright:
© Visicom Media Inc.

Trademarks:
Visicom Media Inc, All Rights Reserved

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
6/20/2007 2:00:00 AM

Valid to:
6/23/2008 1:59:59 AM

Subject:
CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
53647B50983ED1EB11C279CB398C2CA4

File PE Metadata
Compilation timestamp:
7/14/2007 5:12:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:tzek6a9uCACCAyc7Ssl4liMqpmeZf6e7utmiiQkQ3jO:ok6IfAclflogflQE83jO

Entry address:
0x30CC

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, C8, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 78, 72, 40, 00, 6A, 08, A3, D4, 3F, 42, 00, E8, AF, 2A, 00, 00, A3, 24, 3F, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, E0, F4, 41, 00, FF, 15, 54, 71, 40, 00, 68, B8, 91, 40, 00, 68, 20, 37, 42, 00, E8, 8B, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 79, 27, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
22 KB (22,528 bytes)

Remove vmntoolbarsetup.exe - Powered by Reason Core Security