home

lin_event.bin

NCsoft Corp.

Publisher:
NCsoft Corp.  (signed and verified)

MD5:
fd79379a784ff758500b8321e5efe919

SHA-1:
0301e874b34130898fe20186f69dfcddf4d3ea20

SHA-256:
84af48490614facd66ec626a1d93812b18fe1253c8c9a09aa6ad6947052707e0

Scanner detections:
4 / 68

Status:
Inconclusive  (probably just false positive detections)

Analysis date:
1/13/2025 6:39:20 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Patched.Gen2
7.11.1.122

F-Prot
W32/Themida_Packed
v6.4.6.2.117

IKARUS anti.virus
Trojan.Patched
t3scan.1.1.97.0

VIPRE Antivirus
Backdoor.Win32.Ircbot.gen
8067

File size:
1.6 MB (1,645,984 bytes)

Common path:
C:\users\{user}\downloads\lineage\lineage\lin_event.bin

Digital Signature
Signed by:
NCsoft Corp.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
1/20/2008 9:37:35 PM

Valid to:
1/19/2010 9:37:35 PM

Subject:
CN=NCsoft Corp., OU=System Operation Team, O=NCsoft Corp., L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
1CE0F246FE809D042CAE39B0B2A8ACBE

File PE Metadata
Compilation timestamp:
12/3/2009 1:38:36 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:sEu0NHEjnGHjc3i3+BacXic3Ic7wx6pTxwC:sv0FGOOBHiNgB

Entry address:
0x70D000

Entry point:
83, EC, 04, 50, 53, E8, 01, 00, 00, 00, CC, 58, 8B, D8, 40, 2D, 00, 90, 0C, 00, 2D, 65, E3, 60, 00, 05, 5A, E3, 60, 00, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, 9C, F4, 1B, 3A, 68, C5, 66, 82, 79, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 8B, EC, 60, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, EB, 08, 31, 06, 01, 1E, 83, C6, 04, 49, 0B, C9, 75, F4, 61, C9, C2, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9277  (probably packed)

Code size:
1.1 MB (1,122,304 bytes)

Scan lin_event.bin - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.