» netcomagentlv.exe
Overview
Analysis
File Details
Behaviors (1)

netcomagentlv.exe

netcomsoft

It runs as a windows Service named “NETCOM AGENT SERVICE”.

File name:

netcomagentlv.exe

Publisher:

netcomsoft (signed and verified)

MD5:

fdd6f2f50e901e92850180046cf09780

SHA-1:

89ed8f45aefe0bbb0e7fd4e0b7c06649a737f8a1

SHA-256:

4c6e8da92d17d50854979a7c3d6b99a7d5b98c937c8ce861eb62cf2d891350f1

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

5/1/2024 2:00:20 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Win32.Trojan.WisdomEyes.151026.9950

4.0.3.17219

File size:

1.6 MB (1,667,256 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\netcom\agent\netcomagentlv.exe

Digital Signature

Signed by:

netcomsoft

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

1/15/2010 9:00:00 AM

Valid to:

1/16/2011 8:59:59 AM

Subject:

CN=netcomsoft, O=netcomsoft, L=" Geumcheon-gu ", S=Seoul, C=KR

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

7B3409DFAAC96DA2380356919321FDC5

File PE Metadata

Compilation timestamp:

11/8/2010 6:54:01 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x157F84

Entry point:

55, 8B, EC, 83, C4, F0, 53, 56, B8, BC, 57, 55, 00, E8, 92, 0E, EB, FF, 8B, 1D, A8, 52, 56, 00, 8B, 03, 8B, 10, FF, 52, 34, 8B, 0D, B8, 50, 56, 00, 8B, 03, 8B, 15, 7C, 9D, 50, 00, 8B, 30, FF, 56, 30, 8B, 0D, 6C, 54, 56, 00, 8B, 03, 8B, 15, 04, 2A, 55, 00, 8B, 30, FF, 56, 30, 8B, 0D, B8, 55, 56, 00, 8B, 03, 8B, 15, AC, 09, 55, 00, 8B, 30, FF, 56, 30, 8B, 0D, 2C, 4C, 56, 00, 8B, 03, 8B, 15, 38, B5, 54, 00, 8B, 30, FF, 56, 30, 8B, 03, 8B, 10, FF, 52, 38, 5E, 5B, E8, 57, D4, EA, FF, 8D, 40, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3449

Developed / compiled with:

Microsoft Visual C++

Code size:

1.3 MB (1,401,344 bytes)

Service

Display name:

NETCOM AGENT SERVICE

Service name:

f_AgentSvr

Type:

Win32OwnProcess, InteractiveProcess

Scan netcomagentlv.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.