lsm.exe

zip

Onur Karagoz

The executable lsm.exe has been detected as malware by 8 anti-virus scanners.
Publisher:
Onur Karagoz (signed and verified)

Product:
zip

Version:
1.0.0.0

MD5:
ea35e3e0245d34275d1b38d566491155

SHA-1:
f94df76cc7f280afb208fc1c1ce674701fc7fcd6

SHA-256:
7e1700d10f8193e40c50f797faa86d979d032cbf39a62fa77f63080d0b8003c7

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
12/25/2024 4:48:10 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Razy.36575 | 264 |
| AhnLab V3 Security | Trojan/Win32.Agent | 2016.04.06 |
| Arcabit | Trojan.Razy.D8EDF | 1.0.0.666 |
| Bitdefender | Gen:Variant.Razy.36575 | 1.0.20.685 |
| Emsisoft Anti-Malware | Gen:Variant.Razy.36575 | 8.16.05.16.10 |
| F-Secure | Gen:Variant.Razy.36575 | 11.2016-16-05_2 |
| G Data | Gen:Variant.Razy.36575 | 16.5.25 |
| MicroWorld eScan | Gen:Variant.Razy.36575 | 17.0.0.411 |

File size:
267.7 KB (274,168 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
zip.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\ProgramData\lsm.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/13/2014 2:00:00 AM

Valid to:
11/14/2015 1:59:59 AM

Subject:
CN=Onur Karagoz, O=Onur Karagoz, STREET=UĞURMUMCU MAH. UĞURMUMCU CAD., STREET=184 ÇATIEVLER SİTESİ, STREET=BLOK:C D:210, L=Ankara, S=Yenimahalle, PostalCode=06370, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CD82F99CAD17F58E443C98C1BD258CBA

File PE Metadata
Compilation timestamp:
4/2/2016 4:55:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:S9uHgKdSLATJfu/s6fNuarmgp0Lr15jYE4OHU3IY70f5JXWzQaKazX77+9ryw+DN:Soc2ufMgpU5cQHLJXWrnsCWm

Entry address:
0x3EBDE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 78, A4, 6A, D7, 56, B7, C7, E8, DB, 70, 20, 24, EE, CE, BD, C1, AF, 0F, 7C, F5, 2A, C6, 87, 47, 13, 46, 30, A8, 01, 95, 46, FD, D8, 98, 80, 69, AF, F7, 44, 8B, B1, 5B, FF, FF, BE, D7, 5C, 89, 22, 11, 90, 6B, 93, 71, 98, FD, 8E, 43, 79, A6, 21, 08, B4, 49, 62, 25, 1E, F6, 40, B3, 40, C0, 51, 5A, 5E, 26, AA, C7, B6, E9, 5D, 10, 2F, D6, 53, 14, 44, 02, 81, E6, A1, D8, C8, FB...

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
243 KB (248,832 bytes)
