home

lbackup.exe

SimonTools LiveBackup

concept/design GmbH

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘lbackup’.
Publisher:
concept/design GmbH  (signed and verified)

Product:
SimonTools LiveBackup

Version:
1.0.0.2

MD5:
959272c108193431ec14e56369837a53

SHA-1:
e16ce0a0620bc837254959e05797943e7250ad30

SHA-256:
451870036500641ff6ef7ee95eee093bb990295871a656fe2055d2ae7cbac7a0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:10:36 PM UTC  (today)

File size:
1.4 MB (1,455,048 bytes)

Product version:
1.x

Copyright:
(c) 2009 concept/design GmbH

Trademarks:
(c) 2009 concept/design GmbH

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\Program Files\s.a.d\simontools livebackup\lbackup.exe

Digital Signature
Signed by:
concept/design GmbH

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
8/1/2008 2:00:00 AM

Valid to:
8/2/2009 1:59:59 AM

Subject:
CN=concept/design GmbH, OU=Secure Application Development, O=concept/design GmbH, L=Holzminden, S=Niedersachsen, C=DE

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
536DC63D2525135A051855C5E9E95DAF

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:Gj5ZgAWd4HfQXA38Dwxt5zyxBsjXbL28PWSZ9X48/GoekqhaQmX9lj2dXVcx:I+mQ4ewRWxByrrjZ9XxQmXj2s

Entry address:
0x1000

Entry point:
68, 01, 40, 7B, 00, E8, 01, 00, 00, 00, C3, C3, 15, CF, 2F, 1D, AA, 82, 45, EC, 4A, 12, C0, E8, 25, B7, 82, 9A, 46, 7E, FE, 88, 3A, 03, 7F, 62, E1, 51, 30, 30, 56, ED, 2C, 18, 3C, 71, 15, 40, C9, 22, EF, 5D, 96, B1, 7E, 03, C4, 29, D6, E4, C9, 8D, A2, 4A, A9, A1, 75, 39, 13, ED, 65, EB, 45, 06, CD, 2A, 0A, 91, 82, F5, 0D, 5D, 83, B8, 30, F0, 43, 85, FE, EF, EF, 63, BD, 2A, F4, 55, 6D, C5, 30, D6, A1, 6E, 4A, 91, 82, 2E, 8F, AC, C1, 8C, 40, B2, BA, B0, 5F, D9, 01, 6E, 82, 17, B4, 59, 1B, F4, 61, 22, D2, 48...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
2 MB (2,074,112 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
lbackup

Command:
"C:\Program Files\s.a.d\simontools livebackup\lbackup.exe" \autostart


Scan lbackup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.