home

LenRCClient.EXE

联想网络控制工具

Xi'an Saming Technology Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘LenRCClient’.
Publisher:
西安三茗科技有限责任公司  (signed by Xi'an Saming Technology Co., Ltd.)

Product:
联想网络控制工具

Description:
联想网络控制工具-被控端

Version:
1, 1, 0, 1

MD5:
1b05e023fb2597f2db664cd35ae5fafd

SHA-1:
8c03a32ee6fee3a0c865d7c59e7ac62c15095bc3

SHA-256:
57df34f6de338f33b7160f068b935e6da573f3700ade792b916d1e74340c29e8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 12:35:30 AM UTC  (today)

File size:
58.5 KB (59,920 bytes)

Product version:
1, 1, 0, 1

Copyright:
版权所有 (C) 2006-2007

Original file name:
LenRCClient.EXE

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\lenovo\remote control tool\client\lenrcclient.exe

Digital Signature
Signed by:
Xi'an Saming Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/15/2006 5:30:00 AM

Valid to:
12/16/2007 5:29:59 AM

Subject:
CN="Xi'an Saming Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Xi'an Saming Technology Co., Ltd.", S=Shannxi, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2DF6A0EA04EE7275B1E694FD226923AA

File PE Metadata
Compilation timestamp:
7/6/2007 5:33:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:mYIXCQoFhZ6R570+qHVlYdyHb2cDzkS5rVw:maFhZ6/70+QScFJw

Entry address:
0x702F

Entry point:
55, 8B, EC, 6A, FF, 68, 10, 8B, 40, 00, 68, 8E, 71, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, B8, 83, 40, 00, 59, 83, 0D, 10, BD, 40, 00, FF, 83, 0D, 14, BD, 40, 00, FF, FF, 15, BC, 83, 40, 00, 8B, 0D, 04, BD, 40, 00, 89, 08, FF, 15, C0, 83, 40, 00, 8B, 0D, 00, BD, 40, 00, 89, 08, A1, C4, 83, 40, 00, 8B, 00, A3, 0C, BD, 40, 00, E8, 1D, 01, 00, 00, 39, 1D, C0, AC, 40, 00, 75, 0C, 68, B8, 71, 40, 00, FF, 15, C8, 83...
 
[+]

Entropy:
5.8385

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
28 KB (28,672 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
LenRCClient

Command:
C:\Program Files\lenovo\remote control tool\client\lenrcclient.exe


Scan LenRCClient.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.