home

6058c239.ffed.4fe3.a46d.064cd16a9158.exe

Lenovo (Beijing) Limited

Publisher:
Lenovo (Beijing) Limited  (signed and verified)

MD5:
168d60461162121dc238b68777d33dca

SHA-1:
d60b11de98083ba1345663df013ca3035ec610a9

SHA-256:
003b810e66f3e61ee3d29293fc2e296e52adaa0c46e1b586201f4868701cabf6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:53:27 PM UTC  (today)

File size:
21.2 MB (22,209,328 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\lenovo sdp\6058c239.ffed.4fe3.a46d.064cd16a9158.exe

Digital Signature
Signed by:
Lenovo (Beijing) Limited

Authority:
Symantec Corporation

Valid from:
1/7/2016 1:00:00 AM

Valid to:
7/29/2017 1:59:59 AM

Subject:
CN=Lenovo (Beijing) Limited, OU=IT, O=Lenovo (Beijing) Limited, L=Beijing, S=Beijing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
54C24221788DA13E6A6BEC33DB923C0E

File PE Metadata
Compilation timestamp:
8/14/2016 9:15:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
393216:GFlbttgJBoxQPF20o1Ipq4vtPTHj+8ZZTJMOGRcJBBGOyM7GsgnafTIuPC8k9Dck:IlJuJu69o1IpTB/TbGcnejsEkIuPC8EP

Entry address:
0x1CAB5

Entry point:
E8, 99, 04, 00, 00, E9, 80, FE, FF, FF, 3B, 0D, B8, 91, 43, 00, F2, 75, 02, F2, C3, F2, E9, 0F, 06, 00, 00, 83, 61, 04, 00, 8B, C1, 83, 61, 08, 00, C7, 41, 04, 60, FF, 42, 00, C7, 01, FC, 08, 43, 00, C3, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, E8, 44, 38, FF, FF, C7, 06, 08, 09, 43, 00, 8B, C6, 5E, 5D, C2, 04, 00, 83, 61, 04, 00, 8B, C1, 83, 61, 08, 00, C7, 41, 04, 10, 09, 43, 00, C7, 01, 08, 09, 43, 00, C3, 55, 8B, EC, 83, EC, 0C, 8D, 4D, F4, E8, A7, FF, FF, FF, 68, 58, 6C, 43, 00, 8D, 45, F4, 50, E8, CD, 28...
 
[+]

Entropy:
7.9992  (probably packed)

Code size:
184 KB (188,416 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.