lucoms.exe

It is set to execute automatically when any user logs into Windows, through an all-users Run registry entry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) named 'TimeInformer'.

MD5:
de00c73f3d9fc20d10b668174925feb9

SHA-1:
e67a609ce5bf2aa1ca451dedd6661f27d4817c49

SHA-256:
062349cdf5893aa989ead1323cabbd93336d6272153ee8682365063dc9b797c7

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/1/2025 8:08:46 PM UTC

Scan engine:
Dr.Web

Detection:
Trojan.DownLoader23.50869

Engine version:
9.0.1.05190

File size:
1 MB (1,089,016 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\lucoms.exe

File PE Metadata
Compilation timestamp:
1/31/2017 7:34:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x74FD

Entry point:
80, 65, 40, 00, 00, 00, 00, 00, 00, 34, 40, 00, 00, 00, 00, 00, A0, 62, 40, 00, 00, 00, 00, 00, C0, 6A, 40, 00, 00, 00, 00, 00, 00, 18, 40, 00, 00, 00, 00, 00, 80, 65, 40, 00, 00, 00, 00, 00, 80, 65, 40, 00, 00, 00, 00, 00, 80, 65, 40, 00, 00, 00, 00, 00, 00, 4B, 40, 00, 00, 00, 00, 00, A0, 62, 40, 00, 00, 00, 00, 00, C0, 6A, 40, 00, 00, 00, 00, 00, 00, 14, 40, 00, 00, 00, 00, 00, 80, 65, 40, 00, 00, 00, 00, 00, 80, 65, 40, 00, 00, 00, 00, 00, 80, 65, 40, 00, 00, 00, 00, 00, 80, 43, 40, 00, 00, 00, 00, 00...
 

Entropy:
7.9362  (probably packed)

Code size:
28 KB (28,673 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TimeInformer

Command:
C:\windows\lucoms.exe

