home

lum.sys

LUM application

IBM Polska Sp. z o.o.

It runs as a Windows 64-bit kernel mode device driver named “LUM”.
Publisher:
IBM  (signed by IBM Polska Sp. z o.o.)

Product:
LUM application

Description:
LUM Runtime

Version:
5,1,2,0

MD5:
beb9ca71472f2f6e1ccbb15be8db3771

SHA-1:
bd0a0da0341aa60e7fb95b614ec5ebd39cb83bf7

SHA-256:
f6838b863727b61e42ece73b8c02065eb6b18b444cac641e35e6b28d27c9459d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:58:14 AM UTC  (today)

File size:
16.1 KB (16,528 bytes)

Product version:
5,1,2,0

Copyright:
© Copyright 1995-2006, IBM Corporation

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\lum.sys

Digital Signature
Signed by:
IBM Polska Sp. z o.o.

Authority:
VeriSign, Inc.

Valid from:
4/10/2007 5:00:00 PM

Valid to:
4/10/2010 4:59:59 PM

Subject:
CN=IBM Polska Sp. z o.o., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IBM Polska Sp. z o.o., L=Krakow, S=malopolska, C=PL

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
192F3E2B65E1D7D9FC7F0CF317699BE3

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
384:RX20neiy4+9rX+wUfuJ7LCcgJEtbJf6jtn:RXlzWrX+wH7L3fbJfmtn

Entry point:
55, 8B, EC, 83, EC, 1C, 53, 8B, 1D, D8, 02, 01, 00, 57, 68, 1A, 1E, 01, 00, 8D, 45, EC, 50, FF, D3, 8B, 7D, 08, 8D, 45, FC, 50, 6A, 00, 6A, 00, 6A, 22, 8D, 45, EC, 50, 6A, 20, 57, FF, 15, F8, 02, 01, 00, 85, C0, 0F, 85, FB, 00, 00, 00, 8B, 45, FC, 56, 8B, 70, 28, 33, C0, 89, 06, 89, 46, 04, 89, 46, 08, 68, FA, 1D, 01, 00, 8D, 45, F4, 50, C6, 46, 0C, 01, C6, 46, 0D, 01, FF, D3, 8D, 45, EC, 50, 8D, 45, F4, 50, FF, 15, F4, 02, 01, 00, FF, 75, FC, 8B, D8, 85, DB, 74, 0D, FF, 15, EC, 02, 01, 00, 8B, C3, E9, B2...
 
[+]

Entropy:
6.8898

Developed / compiled with:
Microsoft Visual C++

Driver
Display name:
LUM

Type:
Kernel device driver (KernelDriver)


Scan lum.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.