home

Energy Management.exe

Lenovo Energy Management Software 8.0

Lenovo (Beijing) Limited

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Energy Management’. This is installed with Energy Management. The file has been seen being downloaded from cs13.superfiles.me.
Publisher:
Lenovo (Beijing) Limited  (signed and verified)

Product:
Lenovo Energy Management Software 8.0

Version:
8.0.2.4

MD5:
df99547e3cd8c828202546ed9c4d7d25

SHA-1:
2446c883302c06e2e377db2ade3cf2733d49b7a0

SHA-256:
83013eee760004e812cd63662843d1f3972afbf83b4739935fc746f470fa7188

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 5:51:37 AM UTC  (today)

File size:
16.3 MB (17,080,376 bytes)

Product version:
8.0.2.4

Copyright:
Lenovo (Beijing) Limited。All Rights Reserved。

Original file name:
Energy Management.exe

File type:
Executable application (Win64 EXE)

Language:
Chinese (Simplified, China)

Common path:
C:\Program Files\lenovo\energy management\energy management.exe

Digital Signature
Signed by:
Lenovo (Beijing) Limited

Authority:
VeriSign, Inc.

Valid from:
12/20/2011 6:00:00 PM

Valid to:
3/21/2015 6:59:59 PM

Subject:
CN=Lenovo (Beijing) Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Lenovo (Beijing) Limited, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2D5239E702A5EAD6CF85DA4853BD22E9

File PE Metadata
Compilation timestamp:
8/10/2012 6:54:07 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
98304:tBaYnRW/u5Z0ZjE5Uxh69Fh9PzfIFpYzlrf2Z/8Ty7B2c728NlXX1Ss7XU3sjDsL:LaYM/31m9eHDOsP64fWpk6

Entry address:
0x36F190

Entry point:
48, 83, EC, 28, E8, B7, 7D, 01, 00, E8, F2, FD, FF, FF, 48, 83, C4, 28, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 4C, 8B, D9, 49, 83, F8, 08, 72, 6B, 0F, B6, D2, 0F, BA, 25, C4, D4, 1D, 00, 01, 73, 0E, 57, 48, 8B, F9, 8B, C2, 49, 8B, C8, F3, AA, 5F, EB, 5F, 49, B9, 01, 01, 01, 01, 01, 01, 01, 01, 49, 0F, AF, D1, 49, 83, F8, 40, 72, 1E, 48, F7, D9, 83, E1, 07, 74, 06, 4C, 2B, C1, 49, 89, 13, 49, 03, CB, 4D, 8B, C8, 49, 83, E0, 3F...
 
[+]

Entropy:
5.7316

Code size:
3.9 MB (4,079,616 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Energy Management

Command:
C:\Program Files\lenovo\energy management\energy management.exe


The file Energy Management.exe has been discovered within the following programs.

Energy Management  by Lenovo
Lenovo’s Energy Management interface tool allows user-modification of system settings to make better use of available energy when running mobile versus stationary.
www.lenovo.com
23% remove it
 
Powered by Should I Remove It?

The file Energy Management.exe has been seen being distributed by the following URL.

http://cs13.superfiles.me/f/091131181062194117101030236035009188158210019128182005/1433800838/52531038/0/.../Energy_Management-spaces.ru.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.