energy management.exe

Lenovo Power Management Software

Lenovo (Beijing) Limited

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Energy Management’.
Publisher:
Lenovo (Beijing) Limited  (signed and verified)

Product:
Lenovo Power Management Software

Version:
3, 0, 1, 7

MD5:
fe3430cfa8d9c64302dd71012562e198

SHA-1:
74355fb851e4ba64f32a7f89d9f29b8c92e299b0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:56:14 PM UTC  (today)

File size:
1.2 MB (1,283,984 bytes)

Product version:
3, 0, 1, 7

Copyright:
Lenovo (Beijing) Limited. All Rights Reserved .

Original file name:
EnergyCut.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (PRC)

Common path:
C:\Program Files\lenovo\energy management\energy management.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
11/20/2007 2:00:00 AM

Valid to:
12/13/2008 1:59:59 AM

Subject:
CN=Lenovo (Beijing) Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Lenovo (Beijing) Limited, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
65EB539DC56EDE0AFFD971C59B620B57

File PE Metadata
Compilation timestamp:
8/28/2008 9:54:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
12288:TPlgA54qjJfkKDSw1dMM1LPRK8Pq87w0ORG3yw0C+:5gASqOKDS+MM1LPRI86s36

Entry address:
0x1EB89

Entry point:
6A, 60, 68, 00, 72, 44, 00, E8, C3, 0B, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 0F, F7, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 04, 03, 44, 00, 8B, 4E, 10, 89, 0D, 34, 57, 45, 00, 8B, 46, 04, A3, 40, 57, 45, 00, 8B, 56, 08, 89, 15, 44, 57, 45, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 38, 57, 45, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 38, 57, 45, 00, C1, E0, 08, 03, C2, A3, 3C, 57, 45, 00, 33, F6, 56, 8B, 3D, 98, 02, 44, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
5.4883

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
252 KB (258,048 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Energy Management

Command:
C:\Program Files\lenovo\energy management\energy management.exe


Scan energy management.exe - Powered by Reason Core Security