Gridinsoft Logo
File Icon

The BrightVPN-Setup-1.472.797-19aea03d.exe File Analysis

Updated 10 months ago
Checked by Malware Check
BrightVPN-Setup-1.472.797-19aea03d.exe

Technical Analysis

File Name BrightVPN-Setup-1.472.797-19aea03d.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
SSDEEP Hash
196608:iUX1A/h3hCFYJ7dJiu2cXevevMRd2WcBRGacd3vEFbh2ztBfueVyg3R:iBkFKhJVuvev4d294iIbdh
Scanner Version 1.0.183.174
Database Version 2024-08-01 01:00:24 UTC

Suspicious File Detected

Detected by 14 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
19%
Detection Rate
7,687,360
File Size (bytes)
14/72
Engines Detected
2024-08-01
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
3d7a053bd1382496539ea51e7cb4f353
SHA1
f8a1af10ffd32e7ef77362ae16a7f7c7190b8c2c
SHA256
e4a4b7dc1ce13f53365fc9940f001d962114d14ff0f2dee826e7e0ae0a8c0da8
SHA512
9c01cdd313ef701ef68c05369dc142804407bcb30bb2cb377a095d0fceb17e6478f85d1e6ed96f07483ed1637414541c4217445ce6cc0faf85b2bda1f74def74
ImpHash
b34f154ec913d2d2c435cbd644e91687

Security Engines with Detections (14 of 72)

McAfee
Artemis!3D7A053BD138 Malicious
Kaspersky
not-a-virus:HEUR:Server-Proxy.Win32.Luminati.gen Malicious
Avast
FileRepPup [PUP] Malicious
F-Secure
PotentialRisk.PUA/Agent.qqbvd Malicious
TrendMicro
PUA.Win32.NSISMod.V Malicious
Avira
PUA/Agent.qqbvd Malicious
ZoneAlarm
not-a-virus:HEUR:Server-Proxy.Win32.Luminati.gen Malicious
Cylance
Unsafe Malicious
TrendMicro-HouseCall
PUA.Win32.NSISMod.V Malicious
MaxSecure
Trojan.Malware.140233589.susgen Malicious
Fortinet
Riskware/Application Malicious
AVG
FileRepPup [PUP] Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
ProxyTool:Win/Luminati.gyf Malicious
58 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 836d57e341f4bf67f70051053e33ad41
Fuzzy: 0694950af356e6a45fe35bf5f8a3c2d6
dHash: e30c8ca61c98f162
Image Base 0x00400000
Entry Point 0x0040338f
Compilation Time 2018-12-15 22:26:14
Checksum 0x007596bc (Actual: 0x007596bc)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Digital Signature OK
Imports 7 libraries
KERNEL32, USER32, GDI32, SHELL32, ADVAPI32, COMCTL32, ole32
Exports 0 functions
Resources 27 Resources
Sections 5 Sections

Version Information

CompanyName Bright Data Ltd.
FileDescription
FileVersion 1.472.797
LegalCopyright Copyright © 2024 Bright Data Ltd.
ProductName Bright VPN
ProductVersion 1.472.797
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 26,151 bytes 26,624 bytes 6.45 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7618D4C0CD8BB67EA9595B4266B3A91F
.rdata 0x00008000 5,282 bytes 5,632 bytes 5.03 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ EECAC1FED9CC6B447D50940D178404D8
.data 0x0000a000 462,840 bytes 1,536 bytes 4.04 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE DB8F31A08A2242D80C29E1F9500C6527
.ndata 0x0007b000 1,474,560 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rsrc 0x001e3000 316,896 bytes 316,928 bytes 2.46 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 018A2B17435E2E01E48D5DBC7D29070A

Resource Analysis

Total Resources: 27 (315,394 bytes)
Resource Type Count Total Size Percentage
RT_ICON 6 307,826 bytes
97.6%
RT_DIALOG 18 5,808 bytes
1.8%
RT_GROUP_ICON 1 90 bytes
0%
RT_VERSION 1 600 bytes
0.2%
RT_MANIFEST 1 1,070 bytes
0.3%

Certificate Chain Analysis

Certificate Information
Product Bright VPN
File Version 1.472.797
Signing Date 01:24 PM 07/08/2024 (349 days ago)
Verification Status Signed
Signers Bright Data Ltd; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4; DigiCert
Counter Signers DigiCert Timestamp 2023; DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA; DigiCert Trusted Root G4; DigiCert
Copyright Copyright © 2024 Bright Data Ltd.
Certificate Chain Summary
DigiCert Trusted Root G4 #1 Primary
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #2 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #3 Chain
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
DigiCert Timestamp 2023 #4 Chain
Validity Period: 2023-07-14 00:00:00 → 2034-10-13 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 05 44 AF F3 94 9D 08 39 A6 BF DB 3F 5F E5 61 16
Bright Data Ltd #5 Chain
Validity Period: 2022-05-09 00:00:00 → 2025-05-08 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 01 8D FC 25 F1 D4 9B 05 9E 28 A9 07 D1 22 92 B2

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
14 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware