3gs_lj.exe

Xin Zhou

The executable 3gs_lj.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Xin Zhou  (signed and verified)

MD5:
1e660d00ddb707e2173b0d5e6f39ce80

SHA-1:
872132e08ac01ee0201bb0c1310cb81ed0832a3c

SHA-256:
76ac64d0cc0ce1b433aca9fb9a46a6874bce71b9c167810f966d5ebe5ac704db

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/12/2024 9:15:54 PM UTC  (today)

Scan engine | Detection | Engine version
Reason Heuristics | PUP (M) | 17.2.8.11

File size:
427.2 KB (437,464 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\3gs_lj.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
1/22/2017 3:00:00 AM

Valid to:
3/23/2017 2:59:59 AM

Subject:
CN=Xin Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
35F9E707577DD44B242082BD796F64CF

File PE Metadata
Compilation timestamp:
1/19/2017 6:05:19 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x78DC

Entry point:
E8, 33, F0, FF, FF, E9, 5B, 6E, 00, 00, 55, 8B, EC, 83, EC, 10, FF, 75, 08, 8D, 4D, F0, E8, 6D, 17, 00, 00, FF, 75, 20, 8D, 45, F0, FF, 75, 1C, FF, 75, 18, FF, 75, 14, FF, 75, 10, FF, 75, 0C, 50, E8, 3E, 99, 00, 00, 83, C4, 1C, 80, 7D, FC, 00, 74, 07, 8B, 4D, F8, 83, 61, 70, FD, 8B, E5, 5D, C3, 56, 57, BE, A8, 8A, 46, 00, 8B, FE, 53, 8B, 1F, 85, DB, 74, 17, 83, 7F, 04, 01, 74, 11, 53, FF, 15, 8C, 10, 46, 00, 53, E8, 42, 20, 00, 00, 83, 27, 00, 59, 83, C7, 08, 81, FF, C8, 8B, 46, 00, 7C, D8, 5B, 83, 3E, 00...
 

Code size:
383.5 KB (392,704 bytes)
