home

etengineu.exe

Smart Link ETEngine.EXE

LG Electronics Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Ettin’.
Publisher:
LG Electronics Inc.  (signed and verified)

Product:
Smart Link ETEngine.EXE

Description:
Smart Link Main Interface

Version:
1, 0, 748, 0

MD5:
e9763b5c247a928d0e7e015e9c287bbf

SHA-1:
5580eaed4e70c55c86b0b1cd2ca8d7bfce8a1f30

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:12:41 PM UTC  (today)

File size:
85.3 KB (87,344 bytes)

Product version:
1, 0, 0, 0

Copyright:
Copyright (c) 2006-2009 LG Electronics Inc. All rights reserved.

Original file name:
ETEngine.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\ettin\etengineu.exe

Digital Signature
Signed by:
LG Electronics Inc.

Authority:
VeriSign, Inc.

Valid from:
8/6/2008 9:00:00 PM

Valid to:
8/24/2009 8:59:59 PM

Subject:
CN=LG Electronics Inc., OU=Engineering Dept. DID Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LG Electronics Inc., L=Kumi, S=Kyoungsangbuk-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
593EE64A600CC02C1DA78BF505202817

File PE Metadata
Compilation timestamp:
3/26/2009 5:33:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:nESNpBXycFMvD73BF8w2RTQOuS+jf2ykyAT6PDo:EErv/xQrSMf2GATv

Entry address:
0x8930

Entry point:
55, 8B, EC, 6A, FF, 68, 60, A6, 40, 00, 68, 52, 8B, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, 44, A4, 40, 00, 59, 83, 0D, B0, 3D, 41, 00, FF, 83, 0D, B4, 3D, 41, 00, FF, FF, 15, 48, A4, 40, 00, 8B, 0D, A4, 3D, 41, 00, 89, 08, FF, 15, 4C, A4, 40, 00, 8B, 0D, A0, 3D, 41, 00, 89, 08, A1, 50, A4, 40, 00, 8B, 00, A3, AC, 3D, 41, 00, E8, B0, 01, 00, 00, 39, 1D, A0, EC, 40, 00, 75, 0C, 68, 4E, 8B, 40, 00, FF, 15...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
36 KB (36,864 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Ettin

Command:
C:\Windows\System32\ettin\etengineu.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.