home

ldshell.exe

联想企业网盘

Lenovo (Beijing) Limited

It runs as a separate (within the context of its own process) windows Service named “MyLDShell”.
Publisher:
联想集团有限公司  (signed by Lenovo (Beijing) Limited)

Product:
联想企业网盘

Version:
3.3.0.24

MD5:
bf0f5f61762bd5871c2d57c2dbe425d2

SHA-1:
d0258c35a4cab15e86b583d70306e472d2359ef5

SHA-256:
3b5e8fa26cff0d4e1a873520c34b5111c7db57f2657a296ed97d07c9aa855c77

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 9:24:19 PM UTC  (today)

File size:
321.2 KB (328,896 bytes)

Product version:
3.3.0.24

Copyright:
版权所有 2013 联想集团有限公司

Original file name:
MyLDShell.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\lenovo\lenovodata3\ldshell.exe

Digital Signature
Signed by:
Lenovo (Beijing) Limited

Authority:
Thawte, Inc.

Valid from:
3/19/2013 8:00:00 AM

Valid to:
4/19/2015 7:59:59 AM

Subject:
CN=Lenovo (Beijing) Limited, O=Lenovo (Beijing) Limited, L=Beijing, S=Beijing, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1B4F4F5F3E6EA9B04AAB02E43006E421

File PE Metadata
Compilation timestamp:
12/16/2014 11:25:40 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x15B0A

Entry point:
E8, B1, 66, 00, 00, E9, 89, FE, FF, FF, 57, 8B, C6, 83, E0, 0F, 85, C0, 0F, 85, C1, 00, 00, 00, 8B, D1, 83, E1, 7F, C1, EA, 07, 74, 65, EB, 06, 8D, 9B, 00, 00, 00, 00, 66, 0F, 6F, 06, 66, 0F, 6F, 4E, 10, 66, 0F, 6F, 56, 20, 66, 0F, 6F, 5E, 30, 66, 0F, 7F, 07, 66, 0F, 7F, 4F, 10, 66, 0F, 7F, 57, 20, 66, 0F, 7F, 5F, 30, 66, 0F, 6F, 66, 40, 66, 0F, 6F, 6E, 50, 66, 0F, 6F, 76, 60, 66, 0F, 6F, 7E, 70, 66, 0F, 7F, 67, 40, 66, 0F, 7F, 6F, 50, 66, 0F, 7F, 77, 60, 66, 0F, 7F, 7F, 70, 8D, B6, 80, 00, 00, 00, 8D, BF...
 
[+]

Entropy:
6.6423

Code size:
124.5 KB (127,488 bytes)

Service
Display name:
MyLDShell

Type:
Win32OwnProcess

Depends on:
RPCSS


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.