ju2lm7zohjvh.exe

Windows Internet Explorer

Media Skrins

Although the file properties state that the file was developed by 'Microsoft Corporation', this is not the case: it is designed only to look like a legitimate Microsoft system file. The executable ju2lm7zohjvh.exe, described as “Internet Low-Mic Utility Tool”, has been detected as malware by 1 anti-virus scanner.
Publisher:
Microsoft Corporation (signed by Media Skrins)

Product:
Windows® Internet Explorer

Description:
Internet Low-Mic Utility Tool

Version:
8.00.7600.16385 (win7_rtm.090713-1255)

MD5:
5f9807cab574e2954f80ad5f05633034

SHA-1:
eedc8a0b600d941ecc00b399b64c4d91cc1f59f0

SHA-256:
5ff1936d446f196ba27d6fd072491bd67b87b66ee7c7a343915f1c8cc05bcf44

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/25/2024 4:18:36 AM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP (M) | 17.3.13.19

File size:
935 KB (957,456 bytes)

Product version:
8.00.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
ielowutil.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\ju2lm7zohjvh.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/8/2016 11:00:00 AM

Valid to:
7/9/2017 10:59:59 AM

Subject:
CN=Media Skrins, O=Media Skrins, STREET="Sergeya Radonezhskogo, 1", L=Moscow, S=Moscowskaya, PostalCode=105120, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4306C63FF43EF33E0058941CF93B71D8

File PE Metadata
Compilation timestamp:
7/29/2016 11:42:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x90BA0

Entry point:
55, 8B, EC, 81, EC, 54, 02, 00, 00, 53, 56, 57, C6, 85, 6F, FF, FF, FF, D6, 8D, 09, 68, BD, 0B, 49, 00, C3, CD, 7F, 8B, 85, D4, FE, FF, FF, 69, C0, 03, 04, CB, 13, 89, 85, C0, FE, FF, FF, C7, 85, C8, FE, FF, FF, 04, 00, 00, 00, 68, 40, D5, 4C, 00, FF, 15, 8C, 23, 49, 00, 68, 44, D5, 4C, 00, FF, 15, 88, 23, 49, 00, 8B, 8D, C8, FE, FF, FF, 83, C1, 0C, 89, 8D, C8, FE, FF, FF, 81, BD, C8, FE, FF, FF, B3, AC, 00, 00, 76, 02, EB, 09, BA, BC, 01, 00, 00, 85, D2, 75, C4, 8B, D2, 8B, 55, 08, 8B, D2, 89, 15, 3C, 1E...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
578 KB (591,872 bytes)
