» mylbx.exe
Overview
Analysis
File Details
Behaviors (1)

mylbx.exe

FSPro Labs

The executable mylbx.exe has been detected as malware by 25 anti-virus scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘mylbx’.

File name:

mylbx.exe

Publisher:

FSPro Labs (signed and verified)

Description:

My Lockbox

Version:

1.4.3.83

MD5:

d69e6d1cb019cdbffbc5fe0ec99b1caa

SHA-1:

4eff43a129197e2814ed4c2ed2de28a1377f06b9

SHA-256:

ef7cd8689125f9135c6de614ce7d055e227b21fa85c2fff3d5f196afdbdaa569

Scanner detections:

25 / 68

Status:

Malware

Analysis date:

4/19/2024 4:17:28 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Induc.1

159

AegisLab AV Signature

W32.Induc.b!c

2.1.4+

Arcabit

Trojan.Induc.1

1.0.0.696

avast!

Win32:Induc

2014.9-160829

Bitdefender

Gen:Variant.Induc.1

1.0.20.1210

Dr.Web

Win32.Induc

9.0.1.0242

Emsisoft Anti-Malware

Gen:Variant.Induc

8.16.08.29.11

ESET NOD32

Win32/Induc (variant)

10.13603

F-Secure

Gen:Variant.Induc.1

11.2016-29-08_2

G Data

Gen:Variant.Induc

16.8.25

IKARUS anti.virus

Virus.Win32.Induc

t3scan.2.0.9.0

K7 AntiVirus

Riskware

13.227.19830

Kaspersky

Virus.Win32.Induc

14.0.0.-322

McAfee

Artemis!D69E6D1CB019

5600.6293

Microsoft Security Essentials

Virus:Win32/Induc.A

1.1.12805.0

MicroWorld eScan

Gen:Variant.Induc.1

17.0.0.726

NANO AntiVirus

Trojan.Win32.Induc.lkuba

1.0.30.8482

Panda Antivirus

Generic Suspicious

16.08.29.11

Qihoo 360 Security

Trojan.Generic

1.0.0.1120

Rising Antivirus

Virus.Induc!1.9B53

23.00.65.16827

Sophos

Mal/Generic-L

4.98

Trend Micro House Call

TROJ_SPNR.30BC13

7.2.242

Trend Micro

TROJ_SPNR.30BC13

10.465.29

Vba32 AntiVirus

Virus.Win32.Induc.c

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

49926

File size:

1 MB (1,075,888 bytes)

Product version:

1.4

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\my lockbox\mylbx.exe

Digital Signature

Signed by:

FSPro Labs

Authority:

The USERTRUST Network

Valid from:

2/23/2009 4:00:00 AM

Valid to:

2/24/2011 3:59:59 AM

Subject:

CN=FSPro Labs, O=FSPro Labs, STREET=20-6 P.Toliatti st. apt. 20, L=Taganrog, S=RO, PostalCode=347931, C=RU

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

784F226B45C3BD8E4089243D747D1F59

File PE Metadata

Compilation timestamp:

6/20/1992 2:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:xSpB/uKKj/+pF+VlKxbaSxQeGbY74CBCL4SV:xGBI/uF+uYe86CLD

Entry address:

0x1000

Entry point:

68, 01, 20, 5B, 00, E8, 01, 00, 00, 00, C3, C3, A9, 24, 6C, 78, C2, CD, 73, 2F, 48, B3, 97, 3A, 72, A0, D8, B8, 2F, E2, 64, E8, AB, 20, BA, 53, 6D, FE, 14, 79, CD, 62, 45, 68, E4, D7, 43, 4F, 8E, B8, 2E, FA, D5, EB, BA, 91, FA, DA, 19, 91, F0, 84, 4E, 9D, E3, 3E, 30, 0E, 4A, 9A, CE, 47, 60, 69, 44, 78, 19, 3F, 2B, 25, 7C, D5, 0E, 63, 34, 32, 68, 8F, 33, D4, 28, F6, D9, D8, F8, F3, 5E, D2, 8B, 7E, E7, 81, 46, 53, 30, AC, 52, 36, CF, 4F, 28, 91, C4, 65, 99, 16, C7, E6, 95, C7, 9B, 58, 7D, D9, C3, 52, C1, 29... 
[+]

Entropy:

7.5407

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

1.1 MB (1,170,432 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

mylbx

Command:

C:\Program Files\my lockbox\mylbx.exe \a

Remove mylbx.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.