home

lightzone-3.9.exe

LightZone

Light Crafts, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Light Crafts, Inc.  (signed and verified)

Product:
LightZone

Version:
3.9

MD5:
ac2632f9bb0886c93f4592b42eed8870

SHA-1:
981ec620586c09250fd89fe95f44bbc379b109ce

SHA-256:
5968bb8439529b78534549eb15ff5713f4c647c0a355da8c990b67aec50389f6

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 10:30:19 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1215
7.2.76

File size:
24.4 MB (25,586,440 bytes)

Product version:
3.9

Original file name:
LightZone-Installer.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\lightzone-3.9.exe

Digital Signature
Signed by:
Light Crafts, Inc.

Authority:
The USERTRUST Network

Valid from:
3/25/2010 1:00:00 AM

Valid to:
3/26/2011 12:59:59 AM

Subject:
CN="Light Crafts, Inc.", O="Light Crafts, Inc.", STREET=200 Sheridan Avenue, STREET=Suite 307, L=Palo Alto, S=CA, PostalCode=94306, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00EA1E7032619D614B80E5EADFE88ED5E4

File PE Metadata
Compilation timestamp:
5/9/2007 5:42:44 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
786432:ELpFHxQhm6p4Yj0A87ST2Xwp+evS4nE8jGiEJ:WrHxQESj6WiXS+KxE4BEJ

Entry address:
0x11F8

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9981  (probably packed)

Code size:
168.5 KB (172,544 bytes)

The file lightzone-3.9.exe has been seen being distributed by the following 4 URLs.

http://gsf-cf.softonic.com/981/ec6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=54399&instance=softonic_es&type=PROGRAM&Expires=1439054768&Signature=F3XliJfVgLxu6wrjM7QOuY9s2~iuXyXHWqQK8DkgR4q0IvUifDrUd-fDWE5XdgZahDHDRTRmYE8WteR60uk45q6xY1VT1YSEEYW1UUWniPfg0LVA8TxK9VuwrQTLybBECsXCI0XVCRk5uJOwiWiTG0xWiryrAkm3xKKdjLg8wxE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LightZone-latest.exe

http://gsf-cf.softonic.com/981/ec6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=54399&instance=softonic_es&type=PROGRAM&Expires=1481866950&Signature=NMxz-2j1MjovvHHZCWotKzN3tCaUvYPCr4EZGDFp8pfoRzNPs-hccFuTjQ68jUCNVjnRgpEqm5lxEBBwxb7dY0RUmvjeLSvF~5L8Takx8j~LYj~NM5XgSFDMsxxXgPUzO1aif20ap8RxcHIH5puH8FcmzzxeE5fIZMSuoi10Y1E_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=LightZone-latest.exe

http://gsf-cf.softonic.com/981/ec6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=54399&instance=softonic_br&type=PROGRAM&Expires=1429350854&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Ak5rbk12v8MoYT3h09~gC4VhUuM47ZCKNZJdvb2XQOGw83Vf9yVyXEgMtwVDGzEXxCigV-8EsX1u2gkCdsa-h~VbNvi0TLj1UJ62CaDpHkPwyhWlwI-ZM9fjgAN7XG6NQfr1LpuT3m5GvGVpILnSliV8ySB77SYMpeEq4AGRG98_&filename=LightZone-latest.exe

http://web.archive.org/web/20110101004952/http://www.lightcrafts.com/.../LightZone-3.9.exe

Scan lightzone-3.9.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.