home

LG_PC_Programs.exe

LG Autorun

LG Electronics Inc.

The executable LG_PC_Programs.exe has been detected as malware by 10 anti-virus scanners.
Publisher:
LG Electronics  (signed by LG Electronics Inc.)

Product:
LG Autorun

Version:
2, 0, 3, 0

MD5:
deeefcbc9fe5110ec46223bbd772b1e0

SHA-1:
11879abba28f604b850acab0b362c6c997ab691d

SHA-256:
d865bd0e865dbe8bf64e6f7221142387cd0249752a579875d88e6ee1cd64acc8

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/18/2024 11:38:42 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

avast!
Win32:Mabezat [Wrm]
160126-1

AVG
Win32/Mabezat
2015.0.4522

Dr.Web
Win32.HLLW.Tazebama
9.0.1.05190

ESET NOD32
Win32/Mabezat.A virus
7.0.302.0

F-Prot
W32/Mabezat.A-2
4.6.5.141

Kaspersky
Worm.Win32.Mabezat
15.0.0.562

McAfee
Virus.W32/Mabezat.a
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.213.6155.0

Norman
Win32.Worm.Mabezat.Gen
08.02.2016 04:24:12

Sophos
Virus 'W32/Mabezat-B'
5.23

File size:
730.7 KB (748,223 bytes)

Product version:
2, 0, 3, 0

Copyright:
(c) LG Electronics All rights reserved.

Original file name:
LG_PC_Programs.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\lg_pc_programs.exe

Digital Signature
Signed by:
LG Electronics Inc.

Authority:
VeriSign, Inc.

Valid from:
7/29/2011 12:00:00 AM

Valid to:
8/16/2014 11:59:59 PM

Subject:
CN=LG Electronics Inc., OU=Business Solution, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LG Electronics Inc., L=Pyeongtaek-si, S=Gyeonggi-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
40E1FFC406A7F24F7B409A7338033B3D

File PE Metadata
Compilation timestamp:
7/8/2013 7:20:40 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:tInv0H0eXAb6L2iC1toiFSrMs4m5Kt5PrXrdHEDMpGw1JKOHXC3Mj4M1NqsfWxZb:tS8UsAb6mGrMhNta73MvuPf

Entry address:
0x12B28

Entry point:
BB, A3, A8, 96, 5B, 93, E9, 20, 01, 00, 00, D7, 7D, E0, DC, 88, 0C, E0, DC, B0, 67, 69, 60, 60, E0, 60, 60, 6C, 60, 60, 60, BF, 91, 96, 91, 90, 91, 99, 97, 96, 60, 60, 60, D4, C1, DA, C5, C2, C1, CD, C1, 8E, C4, CC, CC, 60, 60, 60, 60, BC, 60, 60, 60, A6, D2, C5, C5, AC, C9, C2, D2, C1, D2, D9, 60, A3, D2, C5, C1, D4, C5, A4, C9, D2, C5, C3, D4, CF, D2, D9, A1, 60, 60, 60, 60, A7, C5, D4, B7, C9, CE, C4, CF, D7, D3, A4, C9, D2, C5, C3, D4, CF, D2, D9, A1, 60, 60, 60, 60, A7, C5, D4, AD, CF, C4, D5, CC, C5...
 
[+]

Code size:
131 KB (134,144 bytes)

Remove LG_PC_Programs.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.