l2.exe

Private Enterprise LST

Publisher:
Private Enterprise LST  (signed and verified)

MD5:
088834747786a0fb4bd14f8d7f73f4b0

SHA-1:
d7f9c749cf1de49421958580e7cf505255bafd83

SHA-256:
52166ce8fefa033d52aca8fdf010f52dcfd48553184bb108684fdb9f6538c983

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/16/2024 10:56:02 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Dropper.Gen | 8.3.3.4
Sophos | Mal/RootKit-A | 4.98
Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.4

File size:
3 MB (3,134,888 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\l2.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
7/13/2016 2:21:44 PM

Valid to:
7/14/2017 2:21:44 PM

Subject:
E=info@active-ac.ru, CN=Private Enterprise LST, O=Private Enterprise LST, L=Brest, S=Brest voblast, C=BY

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
6AC0FCC48F5D17F1C84612B5

File PE Metadata
Compilation timestamp:
3/10/2017 2:17:11 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x11DE5E

Entry point:
56, E9, 4C, 79, FF, FF, 56, 45, 52, 53, 49, 4F, 4E, 2E, 64, 6C, 6C, 00, 00, 00, 4D, 65, 73, 73, 61, 67, 65, 42, 6F, 78, 41, 00, 8D, 64, 24, 30, 0F, 85, 44, 8D, FF, FF, 66, 0F, BA, E3, 03, 66, 81, E1, 75, E6, 66, 0F, BD, F5, 89, F9, 0F, B6, F0, 0F, BE, F1, 29, D9, 66, 0F, B6, F0, 0F, BD, F7, 89, E6, F9, E8, 53, 64, FF, FF, 68, 4B, 73, 02, 63, C6, 44, 24, 04, 43, E8, 27, 54, 00, 00, 3B, 4D, F8, 53, 8D, 64, 24, 08, 0F, 86, 00, 8D, FF, FF, 66, 81, DF, A2, 63, 0F, BA, EF, 17, 66, C1, C6, 09, 83, E9, 01, 66, C1...
 

Code size:
58.5 KB (59,904 bytes)
