home

Listary.exe

Listary

Bopsoft

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Listary’.
Publisher:
Bopsoft  (signed and verified)

Product:
Listary

Version:
4.10.1446.0

MD5:
68f98ea6ed6df2c10ad12dce53797a82

SHA-1:
6ecdb920b5b686911690070ab40a3efc27fe9ca3

SHA-256:
6909d5b0428f5a89241b1d9c91f48cf7bee745d99018cc9bf09bcfae1713b522

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 5:50:31 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.131216

File size:
3.6 MB (3,729,648 bytes)

Product version:
4.10.1446.0

Copyright:
Copyright (c) 2013 Bopsoft. All rights reserved.

Original file name:
Listary.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\listary\listary.exe

Digital Signature
Signed by:
Bopsoft

Authority:
COMODO CA Limited

Valid from:
10/23/2013 8:00:00 AM

Valid to:
10/23/2016 7:59:59 AM

Subject:
CN=Bopsoft, O=Bopsoft, STREET=Longxingnanli 12-4-3, L=Zaozhang, S=Shandong, PostalCode=277100, C=CN

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EDE8F2C537ADE5676A27177FCAD09116

File PE Metadata
Compilation timestamp:
12/17/2013 11:08:52 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:ZRuNT5azmuYYydKJINhO+geHySi17J8Y0rExWoxjKAuTr4:zuba+KCNsWi1Fl06wr4

Entry address:
0x28CC15

Entry point:
E8, 17, 05, 00, 00, E9, 49, FE, FF, FF, 55, 8B, EC, FF, 15, 50, 83, 6B, 00, 6A, 01, A3, 54, F3, 72, 00, E8, 0C, 06, 00, 00, FF, 75, 08, E8, 0A, 06, 00, 00, 83, 3D, 54, F3, 72, 00, 00, 59, 59, 75, 08, 6A, 01, E8, F2, 05, 00, 00, 59, 68, 09, 04, 00, C0, E8, F3, 05, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 0E, 08, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 38, F1, 72, 00, 89, 0D, 34, F1, 72, 00, 89, 15, 30, F1, 72, 00, 89, 1D, 2C, F1, 72, 00, 89, 35, 28, F1, 72, 00, 89, 3D, 24...
 
[+]

Entropy:
6.7136

Code size:
2.7 MB (2,844,160 bytes)

Scheduled Task
Task name:
Listary

Trigger:
Logon (Runs on logon)

Description:
Run Listary automatically when Windows starts. Please do not modify this task manually, use Listary Options instead.


Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Listary

Command:
"C:\Program Files\listary\listary.exe"


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to li170-168.members.linode.com  (173.230.130.168:80)

Scan Listary.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.