home

lhaca124.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from ftp.vector.co.jp and multiple other hosts.
Version:
1.24

MD5:
bcb727c8363b5289553410b3c48ba1cc

SHA-1:
843bd00b3fa39784561a988b54dd6df8e59dc218

SHA-256:
ea69b364463dd8f3793697c6e17f71bb42ed98cff5c885cc408d71758bb0737b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 5:22:34 AM UTC  (today)

File size:
281.8 KB (288,544 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\lhaca124.exe

File PE Metadata
Compilation timestamp:
12/13/1999 4:23:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.2

CTPH (ssdeep):
6144:XXBtM7D7q+L5N354R7aW6CoWv6o91roTuJRYd5Aw67EchQUzki:BIL5t5i6CCo94mRYfAw671zki

Entry address:
0x17C2

Entry point:
53, 33, DB, 53, FF, 15, 90, D1, 40, 00, A3, 20, B9, 40, 00, FF, 15, 38, D1, 40, 00, E8, D8, 02, 00, 00, 85, C0, 74, 36, A1, B4, A7, 40, 00, 3B, C3, 74, 2D, 83, F8, 01, 74, 21, A1, AC, A4, 40, 00, 38, 18, 75, 05, B8, 7C, A0, 40, 00, 6A, 24, FF, 35, B4, A4, 40, 00, 50, E8, 2A, 00, 00, 00, 83, F8, 06, 75, 1C, E8, 2C, 01, 00, 00, EB, 15, 53, 68, 4F, 18, 40, 00, 53, 6A, 66, FF, 35, 20, B9, 40, 00, FF, 15, D4, D1, 40, 00, 53, FF, 15, 8C, D1, 40, 00, 5B, C3, FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 35...
 
[+]

Entropy:
7.9203  (probably packed)

Code size:
29.5 KB (30,208 bytes)

The file lhaca124.exe has been discovered within the following program.

EasyCleaner  by ToniArts
Publisher's description - “EasyCleaner is a small program that searches through Windows registry for entries that are pointing nowhere. EasyCleaner also lets you delete all kinds of unnecessary files like temps and backups.”
personal.inet.fi/business/toniarts
40% remove it
 
Powered by Should I Remove It?

The file lhaca124.exe has been seen being distributed by the following 4 URLs.

http://ftp.vector.co.jp/43/40/.../Lhaca124.exe

http://dl.freesoft-100.com/.../Lhaca124.EXE

http://park8.wakwak.com/~app/.../Lhaca124.EXE

http://ftp.vector.co.jp/pack/win95/util/.../Lhaca124.exe

Scan lhaca124.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.