» lightmanstudio.exe
Overview
Analysis
File Details
Behaviors (1)

lightmanstudio.exe

JBMedia GbR

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Lightman Studio’.

File name:

lightmanstudio.exe

Publisher:

JBMedia GbR (signed and verified)

MD5:

071370ca3041f8c6bdcfa7d87e3e4554

SHA-1:

08b7b9fce1de52f73b8eae55fdd81c7fd2d3a66e

SHA-256:

854acd95d3ef51383054f80b891fb3b74d97075030239305dae3fe6a411356f1

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

5/4/2024 9:25:37 AM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

Win.Trojan.PCRat-1

0.98/21511

File size:

2.1 MB (2,198,448 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\lightman studio\lightmanstudio.exe

Digital Signature

Signed by:

JBMedia GbR

Authority:

COMODO CA Limited

Valid from:

5/29/2014 2:00:00 AM

Valid to:

5/30/2015 1:59:59 AM

Subject:

CN=JBMedia GbR, O=JBMedia GbR, POBox=42899, STREET=Dreherstrasse 24, L=Remscheid, S=NRW, PostalCode=42899, C=DE

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00AAA03628D42AAAFEA25703EADD09894C

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x176468

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, 78, 5E, 57, 00, E8, CF, 0E, E9, FF, 8B, 1D, D8, 05, 58, 00, 8B, 03, E8, 92, 64, F0, FF, 8B, 03, BA, 00, 66, 57, 00, E8, 6E, 60, F0, FF, 8B, 0D, 58, 08, 58, 00, 8B, 03, 8B, 15, 40, EC, 55, 00, E8, 8B, 64, F0, FF, 8B, 0D, D4, 08, 58, 00, 8B, 03, 8B, 15, 94, 9E, 50, 00, E8, 78, 64, F0, FF, 8B, 0D, 30, 05, 58, 00, 8B, 03, 8B, 15, F0, A1, 50, 00, E8, 65, 64, F0, FF, 8B, 0D, 38, 02, 58, 00, 8B, 03, 8B, 15, B4, BA, 50, 00, E8, 52, 64, F0, FF, 8B, 0D, 1C, 07, 58, 00, 8B, 03, 8B, 15... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

1.5 MB (1,529,856 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Lightman Studio

Command:

C:\Program Files\lightman studio\lightmanstudio.exe

Scan lightmanstudio.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.