home

lyi_my.exe

VANKY TECHNOLOGY LIMITED

The application lyi_my.exe by VANKY TECHNOLOGY LIMITED has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
VANKY TECHNOLOGY LIMITED  (signed and verified)

MD5:
46e6a7d8d7d899d7c256720ef7242304

SHA-1:
daf6f7e727fb761c86d5a0f004a76fa46a112dcb

SHA-256:
52c8d3bf90687671744f215a7637fa93c6ec63ba51ee12e1590f389b202c77cb

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 7:34:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.YesSearches (M)
16.12.12.4

File size:
400.8 KB (410,384 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\lyi_my.exe

Digital Signature
Signed by:
VANKY TECHNOLOGY LIMITED

Authority:
GlobalSign nv-sa

Valid from:
12/5/2016 8:43:29 AM

Valid to:
1/21/2017 7:41:53 AM

Subject:
CN=VANKY TECHNOLOGY LIMITED, O=VANKY TECHNOLOGY LIMITED, L=香港, S=香港, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE

Serial number:
0F203839A9C63B8798A7CB31

File PE Metadata
Compilation timestamp:
11/22/2016 1:53:02 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x5085

Entry point:
E8, BC, 21, 00, 00, E9, D1, 68, 00, 00, CC, 55, 8B, EC, 83, EC, 7C, A1, 00, 20, 46, 00, 33, C5, 89, 45, FC, 56, 8B, F1, 85, F6, 74, 34, 8D, 55, 88, E8, 11, 1E, 00, 00, 8D, 55, 88, 8B, CE, E8, F7, E3, FF, FF, 83, EC, 08, 8D, 4D, 88, E8, AC, D4, FF, FF, 83, C4, 08, B8, 01, 00, 00, 00, 5E, 8B, 4D, FC, 33, CD, E8, 43, 0D, 00, 00, 8B, E5, 5D, C3, 8B, 4D, FC, 33, C0, 33, CD, 5E, E8, 32, 0D, 00, 00, 8B, E5, 5D, C3, 56, 57, 33, FF, 89, 0D, 7C, 4D, 46, 00, 57, 51, 57, 57, 57, B8, 00, 00, 00, 80, 50, 57, 50, 68, 00...
 
[+]

Code size:
358.5 KB (367,104 bytes)

Remove lyi_my.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.