home

LeTVLoader.exe

乐视视频7.3.1.55

LE SHI INTERNET INFORMATION & TECHNOLOGY CORP.,BEI JING

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Loader’.
Publisher:
乐视网信息技术(北京)股份有限公司  (signed by LE SHI INTERNET INFORMATION & TECHNOLOGY CORP.,BEI JING)

Product:
乐视视频7.3.1.55

Description:
乐视视频

Version:
7.3.1.55

MD5:
fb9c8f3be43a8bd25b388d1e351305ce

SHA-1:
153b2243059c23b8267acd79b36d235f4379c2d5

SHA-256:
63c098a0e96a194d98734513e80f024f34c92bdbdf2fa6e113dfcb52212eafd9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 3:23:52 PM UTC  (today)

File size:
952.7 KB (975,528 bytes)

Product version:
7.3.1.55

Copyright:
乐视视频

Original file name:
LeTVLoader.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\letv\letvloader.exe

Digital Signature
Signed by:
LE SHI INTERNET INFORMATION & TECHNOLOGY CORP.,BEI JING

Authority:
VeriSign, Inc.

Valid from:
5/26/2014 8:00:00 AM

Valid to:
6/8/2017 7:59:59 AM

Subject:
CN="LE SHI INTERNET INFORMATION & TECHNOLOGY CORP.,BEI JING", OU=RD, O="LE SHI INTERNET INFORMATION & TECHNOLOGY CORP.,BEI JING", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6597E0BB4346E0344052926ABC3279C6

File PE Metadata
Compilation timestamp:
7/2/2015 1:20:22 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:yvttTif5L0FkU6fNb7VkzqYSTOjZdZbeTqXm:gu0CULzTjZHTXm

Entry address:
0x77C84

Entry point:
E8, BF, F2, 00, 00, E9, 79, FE, FF, FF, CC, CC, 56, 8B, 44, 24, 14, 0B, C0, 75, 28, 8B, 4C, 24, 10, 8B, 44, 24, 0C, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 08, F7, F1, 8B, F0, 8B, C3, F7, 64, 24, 10, 8B, C8, 8B, C6, F7, 64, 24, 10, 03, D1, EB, 47, 8B, C8, 8B, 5C, 24, 10, 8B, 54, 24, 0C, 8B, 44, 24, 08, D1, E9, D1, DB, D1, EA, D1, D8, 0B, C9, 75, F4, F7, F3, 8B, F0, F7, 64, 24, 14, 8B, C8, 8B, 44, 24, 10, F7, E6, 03, D1, 72, 0E, 3B, 54, 24, 0C, 77, 08, 72, 0F, 3B, 44, 24, 08, 76, 09, 4E, 2B, 44, 24, 10, 1B, 54...
 
[+]

Entropy:
6.4505

Code size:
576 KB (589,824 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Loader

Command:
C:\Program Files\letv\letvloader.exe #mini


Scan LeTVLoader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.