home

PLUSi Messenger.exe

PLUSi Messenger

Saerom Information Systems, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PLUSi Messenger’.
Publisher:
LGCARE  (signed by Saerom Information Systems, Inc.)

Product:
PLUSi Messenger

Version:
2, 3, 3, 2

MD5:
8b45d5ef1c63d82435077ea493f76eaa

SHA-1:
0e253b7e8c06cd6f686e1ad9f14a3bdc6a93fca5

SHA-256:
958ae84a3445177abb5277b05ac62d6808161dfa26a2b511af9d7766201b1633

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:04:23 PM UTC  (today)

File size:
1.7 MB (1,791,256 bytes)

Product version:
2, 3, 3, 2

Copyright:
(C) LG Care

Original file name:
PLUSi Messenger.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\lgcare\plusi messenger\plusi messenger.exe

Digital Signature
Signed by:
Saerom Information Systems, Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/4/2010 9:00:00 AM

Valid to:
4/3/2012 8:59:59 AM

Subject:
CN="Saerom Information Systems, Inc.", OU=R&D Center, O="Saerom Information Systems, Inc.", L=Geumcheon-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
1154186EFA573006C9D8338AF3EFFB17

File PE Metadata
Compilation timestamp:
6/3/2011 4:11:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x126574

Entry point:
55, 8B, EC, 6A, FF, 68, 28, 3D, 56, 00, 68, 62, 67, 52, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, B8, 7D, 55, 00, 59, 83, 0D, 70, D0, 5B, 00, FF, 83, 0D, 74, D0, 5B, 00, FF, FF, 15, B4, 7D, 55, 00, 8B, 0D, 54, CB, 5B, 00, 89, 08, FF, 15, B0, 7D, 55, 00, 8B, 0D, 50, CB, 5B, 00, 89, 08, A1, AC, 7D, 55, 00, 8B, 00, A3, 6C, D0, 5B, 00, E8, 8A, 08, FD, FF, 39, 1D, 00, 17, 5B, 00, 75, 0C, 68, 8C, 67, 52, 00, FF, 15, A8, 7D...
 
[+]

Entropy:
6.3027

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
1.3 MB (1,400,832 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PLUSi Messenger

Command:
C:\Program Files\lgcare\plusi messenger\plusi messenger.exe


Scan PLUSi Messenger.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.