home

LaunchExtractor.exe

Yugma

YSL Holdings LLC

Publisher:
YSL Holdings LLC.  (signed by YSL Holdings LLC)

Product:
Yugma

Description:
LaunchExtractor

Version:
4, 5, 0, 0

MD5:
c5806ec1a7da6bb8968c6c0464d81d46

SHA-1:
c9748c7ca9d05d2459cecc8ec6f428873c8e3c19

SHA-256:
a414f9ac86b802649ea668f8c9f0be2a2f1a9c677d53f02b4ffb11f07dd75cd6

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 3:16:07 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan-Spy.Win32.Zbot
t3scan.1.9.5.0

File size:
178.5 KB (182,776 bytes)

Product version:
4, 5, 0, 0

Copyright:
Copyright © 2003-2010, YSL Holdings LLC.

Original file name:
LaunchExtractor.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\ishi\yugma\4.1\launchextractor.exe

Digital Signature
Signed by:
YSL Holdings LLC

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/26/2010 7:00:00 PM

Valid to:
5/26/2012 6:59:59 PM

Subject:
CN=YSL Holdings LLC, OU=IT, O=YSL Holdings LLC, L=Eden Prairie, S=Minnesota, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
3DCC4254D9AA2CBCF066B882BE194A66

File PE Metadata
Compilation timestamp:
6/3/2010 3:12:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:OQd+5vgTNGV7Uyd92nU3NKb3WDt2GV1uihP2lnCb:DXJk7Uyj2nbbbGPf2lnCb

Entry address:
0x3A20

Entry point:
55, 8B, EC, 6A, FF, 68, 28, 4A, 42, 00, 68, 6C, 82, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, C4, A4, 53, 56, 57, 89, 65, E8, FF, 15, 6C, A2, 42, 00, A3, 5C, 77, 42, 00, A1, 5C, 77, 42, 00, C1, E8, 08, 25, FF, 00, 00, 00, A3, 68, 77, 42, 00, 8B, 0D, 5C, 77, 42, 00, 81, E1, FF, 00, 00, 00, 89, 0D, 64, 77, 42, 00, 8B, 15, 64, 77, 42, 00, C1, E2, 08, 03, 15, 68, 77, 42, 00, 89, 15, 60, 77, 42, 00, A1, 5C, 77, 42, 00, C1, E8, 10, 25, FF, FF, 00, 00, A3, 5C, 77, 42, 00, 6A, 00, E8, CD...
 
[+]

Entropy:
3.7544

Developed / compiled with:
Microsoft Visual C++

Code size:
140 KB (143,360 bytes)

Scan LaunchExtractor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.