home

mylbx.exe

My Lockbox

FSPro Labs

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘mylbx’.
Publisher:
FSPro Labs  (signed and verified)

Product:
My Lockbox

Version:
3.9.3.621

MD5:
039c7ff42dec542df86f717241d8cca5

SHA-1:
f3fa1063c01133657146a75e7dbdfcc70c3f6372

SHA-256:
9d82fc4ed4489b88d6e1b06d0ca0c929f585e9a6ca81b6435a1880a5336e3f93

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/3/2024 10:46:04 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Prot
W32/Floxif.B
4.6.5.141

File size:
2.6 MB (2,685,103 bytes)

Product version:
3.9.3

Copyright:
Copyright © 2006-2016 FSPro Labs

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
FSPro Labs

Authority:
Symantec Corporation

Valid from:
3/14/2016 5:00:00 AM

Valid to:
4/10/2017 4:59:59 AM

Subject:
CN=FSPro Labs, O=FSPro Labs, L=Taganrog, S=Rostov region, C=RU

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2202041196233D15DF26AB381E122306

File PE Metadata
Compilation timestamp:
5/26/2016 7:47:23 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1000

Entry point:
E9, 8A, 04, 01, 00, E8, 01, 00, 00, 00, C3, C3, DC, 71, E8, 3E, 93, BD, 84, 2A, A0, 62, D9, 45, 05, 62, 5C, 22, AB, 28, 9B, 4F, 69, EF, 5E, 29, 95, F3, DB, C3, 30, B5, 16, C4, D7, A7, 38, 6C, 4F, 1F, D0, 6A, 66, 49, 04, 3F, 1B, 3F, A8, 50, 38, A2, 50, 96, 1B, 59, BD, 57, 46, 11, 48, 21, 38, B5, FF, 0F, 85, FA, C7, 75, EF, FA, 48, 8F, F2, 93, 18, 9F, 64, FA, C7, C5, B3, D0, 28, 7D, 92, BF, 5B, 53, 6A, 23, 18, 72, 3B, C9, 90, 20, A0, 4A, F6, 87, 2C, 31, AF, 5E, 09, 01, E5, 4D, 30, A5, 6E, B2, 57, 58, EF, D6...
 
[+]

Entropy:
7.9005

Packer / compiler:
Xtreme-Protector v1.05

Code size:
4 MB (4,154,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
mylbx

Command:
C:\danger\my lockbox\mylbx.exe \a


Scan mylbx.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.