settime.exe

Korea Network Technology Co., Ltd

The application settime.exe by Korea Network Technology Co. has been detected as a potentially unwanted program by 15 anti-malware scanners.

Publisher: Korea Network Technology Co., Ltd (signed and verified)
MD5: 44701e4c7b9f3a475152aacfb0a378f2
SHA-1: 01e95ac7a1e69601e88cef68cb05307989f91fee
SHA-256: b4e07b6415e83885871eff36cf187f7cdf16f3a4725b058282dee7ce48181a00
Scanner detections: 15 / 68
Status: Potentially unwanted
Analysis date: 4/25/2024 7:22:10 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Symmi.6942 | 5805142 |
| AhnLab V3 Security | Win-Trojan/Malpacked5.Gen | 2014.11.20 |
| Bitdefender | Gen:Variant.Symmi.6942 | 1.0.20.1615 |
| Comodo Security | TrojWare.Win32.Amtar.KNB | 20132 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.6942 | 14.11.19 |
| ESET NOD32 | Win32/Packed.NoobyProtect.P suspicious application | 7.0.302.0 |
| Fortinet FortiGate | W32/SfEngine.A!tr | 11/19/2014 |
| F-Secure | Gen:Variant.Symmi.6942 | 11.2014-19-11_4 |
| G Data | Gen:Variant.Symmi.6942 | 14.11.24 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.8.3.0 |
| McAfee | Trojan-FDFO!44701E4C7B9F | 5600.6942 |
| MicroWorld eScan | Gen:Variant.Symmi.6942 | 15.0.0.969 |
| Norman | OnLineGames.LVXF | 11.20141119 |
| Reason Heuristics | PUP.KoreaNetworkTechnologyCo.H | 14.11.21.23 |
| Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 23.00.65.141117 |

File size: 535.9 KB (548,776 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\windows\settime.exe

Digital Signature

Authority: Thawte, Inc.
Valid from: 10/3/2013 9:00:00 AM
Valid to: 12/3/2014 8:59:59 AM
Subject: CN="Korea Network Technology Co., Ltd", O="Korea Network Technology Co., Ltd", L=Seongnam-si, S=Gyeonggi-do, C=KR
Issuer: CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US
Serial number: 2AB67B7C76D88A5693C0C48E34DA770B

File PE Metadata

Compilation timestamp: 9/5/2012 8:50:54 PM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows Console
Linker version: 6.0
CTPH (ssdeep): 6144:bUwMuyG82HytkMvYzFBeApPVQd02+C4wpixS4VPqC7s5v8/cK0tnRc20oRqtqI4U:9r3StkMMwd02cLs5vC2Utq1U
Entry address: 0x82FBD

Entry point:
E8, 21, 00, 00, 00, 53, 61, 66, 65, 6E, 67, 69, 6E, 65, 20, 4C, 69, 63, 65, 6E, 73, 6F, 72, 20, 44, 65, 6D, 6F, 20, 76, 31, 2E, 38, 2E, 30, 2E, 30, 00, 8D, 64, 24, 04, E9, B9, 15, 00, 00, 28, A4, 3A, 5D, AC, 45, B9, 34, AA, CD, 3C, C8, 39, A9, 39, 58, AB, 41, 9B, 2B, B7, 27, 42, B1, 4E, 0C, 95, 05, 6C, 9F, 2B, D7, 4D, DD, A4, 57, FC, 61, F8, 6E, 09, F8, 47, 3A, A4, 3A, 5D, AC, 05, 68, F5, 65, 0C, FF, 4A, 5D, C7, 57, 32, C1, 66, 84, 1F, 8F, EA, 19, 90, 59, F9, 69, 08, FB, 7E, BF, 1C, B2, D5, 24, A3, A0, 22...
 

Entropy: 6.5578
