home

lsm.exe

ABDULKADIR SAHIN

The application lsm.exe by ABDULKADIR SAHIN has been detected as adware by 9 anti-malware scanners. It is also typically executed from the user's temporary directory.
Publisher:
HD PLAYER  (signed by ABDULKADIR SAHIN)

Product:
HD PLAYER

Version:
1.0.0.0

MD5:
8bff678389063edf7b608c1837ae72f0

SHA-1:
9306ed111e790b4427d6728e007ce7b213fac1df

SHA-256:
bc7a5f30a3dc3a472a769e5a7a690e2b22e79eab250647b34a531c1142e64b75

Scanner detections:
9 / 68

Status:
Adware

Analysis date:
4/27/2024 1:53:31 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.1482659
976

Bitdefender
Trojan.GenericKD.1482659
1.0.20.770

Emsisoft Anti-Malware
Trojan.GenericKD.1482659
8.14.06.03.04

F-Secure
Trojan.GenericKD.1482659
11.2014-03-06_3

G Data
Trojan.GenericKD.1482659
14.6.22

MicroWorld eScan
Trojan.GenericKD.1482659
15.0.0.462

nProtect
Trojan.GenericKD.1482659
14.01.10.01

Panda Antivirus
Suspicious file
14.06.03.04

Reason Heuristics
PUP.ABDULKADIRSAHIN.D
14.7.3.9

File size:
260.3 KB (266,576 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
HDPLAYER.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\appdata\local\temp\lsm.exe

Digital Signature
Signed by:
ABDULKADIR SAHIN

Authority:
VeriSign, Inc.

Valid from:
1/18/2013 2:00:00 AM

Valid to:
3/20/2014 1:59:59 AM

Subject:
CN=ABDULKADIR SAHIN, OU=Individual Developer, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=No Organization Affiliation, L=ANKARA, S=KECIOREN, C=TR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
516CAE126302D8B129C8550A077CDF6F

File PE Metadata
Compilation timestamp:
12/27/2013 3:02:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:nQeBQ8b6oi6E6rdGQakCFft4XFd4vd+hCPqoGpy0s1YwnIJWOdG6grEqA5wIw:nKoQPtW1d4vos8OeWOw6gAqA5i

Entry address:
0x3C7BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 35, 8E, 48, 57, 5F, 7B, B3, 57, 2A, C7, C8, B6, 55, 97, 45, 50, 98, 99, D9, D8, 4F, C7, 3C, D9, AF, CC, 44, 4B, 20, 3C, 03, 93, C5, 10, 74, 54, 9A, 32, 9A, B6, AF, A4, 4B, D4, 16, 97, 8B, D9, 52, 66, 68, 6E, 20, 4D, 18, 22, 76, B5, 33, 11, 12, 33...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
234 KB (239,616 bytes)

Remove lsm.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.