home

AllModules.EXE

AllModules Application

Lepide Software Pvt. Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AllM’.
Publisher:
Lepide Software Pvt. Ltd.  (signed and verified)

Product:
AllModules Application

Description:
AllModules MFC Application

Version:
1, 0, 0, 1

MD5:
d9a153b7353a28e5fcdcb654bc29257b

SHA-1:
c8abff4118c7a30253e4a1e4e3665c8384b61dd4

SHA-256:
289172217247334dae98ab2a2b5048832891472fbd5bbe4d1077d4d5c24e174b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 10:42:56 AM UTC  (today)

File size:
234.9 KB (240,584 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2010

Original file name:
AllModules.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winlk\allmodules.exe

Digital Signature
Signed by:
Lepide Software Pvt. Ltd.

Authority:
GlobalSign nv-sa

Valid from:
3/23/2012 11:43:36 PM

Valid to:
4/23/2015 11:43:36 PM

Subject:
CN=Lepide Software Pvt. Ltd., O=Lepide Software Pvt. Ltd., C=IN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112180CD4DA8A39D20E815CFC50643F9CC3F

File PE Metadata
Compilation timestamp:
4/26/2012 1:23:18 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x9333

Entry point:
55, 8B, EC, 6A, FF, 68, D8, 5B, 42, 00, 68, D8, B8, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 3C, 32, 42, 00, 33, D2, 8A, D4, 89, 15, 10, 04, 43, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 0C, 04, 43, 00, C1, E1, 08, 03, CA, 89, 0D, 08, 04, 43, 00, C1, E8, 10, A3, 04, 04, 43, 00, 6A, 01, E8, 02, 25, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C2, 00, 00, 00, 59, E8, 22, 24, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B1, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
6.0826

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
136 KB (139,264 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AllM

Command:
C:\Program Files\winlk\allmodules.exe


Scan AllModules.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.