vpndownloader.exe

Cisco AnyConnect Secure Mobility Client

Cisco Systems, Inc.

This is a setup program which is used to install the application. This is installed with Cisco AnyConnect Secure Mobility Client. The file has been seen being downloaded from quoll.travelcorporation.com.au and multiple other hosts.
Publisher:
Cisco Systems, Inc.  (signed and verified)

Product:
Cisco AnyConnect Secure Mobility Client

Description:
Cisco AnyConnect Secure Mobility Client Downloader

Version:
3, 1, 09013

MD5:
7038fec5630029727a2aad9fdfa59bfc

SHA-1:
6988875f6408d7833d1cbcdee7a0e7da5c9dd81a

SHA-256:
eca2b78d56deb32b5af262f98fe6b57e46f214786dcb70805ddda158cb52c0ce

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 11:05:44 AM UTC  (today)

File size:
905.9 KB (927,632 bytes)

Product version:
3, 1, 09013

Copyright:
© Copyright 2004-2015, Cisco Systems, Inc.

Trademarks:
You can request legal trademarks and credits at anyconnect-credits@cisco.com

Original file name:
vpndownloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\vpndownloader.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/8/2014 2:00:00 AM

Valid to:
6/7/2016 1:59:59 AM

Subject:
CN="Cisco Systems, Inc.", OU=Endpoint Security, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Cisco Systems, Inc.", L=San Jose, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
636C7543DDBDF969F473160F4B099B9E

File PE Metadata
Compilation timestamp:
6/18/2015 5:05:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:2XP+zn+0MQJev1m0n/y5fPWuT8nKr7rABnu0npNCImRP1vVT:cPK+0Rev1V++U8nuXi/prmRP1vVT

Entry address:
0x65F4D

Entry point:
E8, 43, 05, 00, 00, E9, 58, FD, FF, FF, CC, FF, 25, 34, 57, 47, 00, FF, 25, 38, 57, 47, 00, FF, 25, 3C, 57, 47, 00, FF, 25, 40, 57, 47, 00, FF, 25, 44, 57, 47, 00, CC, CC, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 50, 96, 4C, 00, 89, 0D, 4C, 96, 4C, 00, 89, 15, 48, 96, 4C, 00, 89, 1D, 44, 96, 4C, 00, 89, 35, 40, 96, 4C, 00, 89, 3D, 3C, 96, 4C, 00, 66, 8C, 15, 68, 96, 4C, 00, 66, 8C, 0D, 5C, 96, 4C, 00, 66, 8C, 1D, 38, 96, 4C, 00, 66, 8C, 05, 34, 96, 4C, 00, 66, 8C, 25, 30, 96, 4C, 00, 66, 8C, 2D, 2C...
 
[+]

Code size:
463 KB (474,112 bytes)

The file vpndownloader.exe has been discovered within the following program.

Cisco AnyConnect Secure Mobility Client  by Cisco Systems, Inc.
Publisher's description - “Make the VPN experience easier and more secure with the enhanced remote access technology of Cisco AnyConnect Secure Mobility Client.”
www.cisco.com
7% remove it
 
Powered by Should I Remove It?

The file vpndownloader.exe has been seen being distributed by the following 2 URLs.