LUSetup.exe

LUSetup

LOGIC ERP Solutions Pvt ltd

Publisher:
LOGICSoftwareIndia  (signed by LOGIC ERP Solutions Pvt ltd)

Product:
LUSetup

Version:
1.0.0.0

MD5:
3c5dbe89c62aa6f22168fd66b64ce2b3

SHA-1:
5201ec7811074a6dd9a570fb21e4417385d333ff

SHA-256:
10773a1d9416906559d5ded799ef4db7fa99021e27ea7d4986c769479266c230

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 9:58:46 PM UTC

Scan engine:
Dr.Web

Detection:
Trojan.DownLoader13.13032

Engine version:
9.0.1.05190

File size:
47.8 KB (48,984 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © LOGICSoftwareIndia 2010

Original file name:
LUSetup.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\lusetup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/5/2011 5:30:00 AM

Valid to:
8/12/2012 5:29:59 AM

Subject:
CN=LOGIC ERP Solutions Pvt ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LOGIC ERP Solutions Pvt ltd, L=Mohali, S=Punjab, C=IN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
44B474BAC25032040D94A44E27948183

File PE Metadata
Compilation timestamp:
8/23/2011 1:43:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:Hc2BH+2Z11EX//Ian5+IEbae8uckjXqMJVSvxe734SLotE:Hc2BFaXxUVZjXDV34S3

Entry address:
0xB3CE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 45, 61, 53, 4E, 00, 00, 00, 00, 02, 00, 00, 00, 5C, 00, 00, 00, 1C, C0, 00, 00, 1C, 98, 00, 00, 52, 53, 44, 53, 3B, EA, 72, 8B, 66, F7, 08, 46, 86, 52, 3B, 7D, 01, AE, 6F, AE, 01, 00, 00, 00, 45, 3A, 5C, 6E, 78, 77, 5C, 44, 6F, 74, 4E, 65, 74, 5C, 55, 74, 69, 6C, 69, 74, 69, 65, 73, 5C, 55, 70...
 

Entropy:
5.8774

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
37 KB (37,888 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to a23-52-149-163.deploy.static.akamaitechnologies.com  (23.52.149.163:80)
