home

V3LTray.exe

V3 Lite

AhnLab, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AhnLab V3Lite Tray Process’.
Publisher:
AhnLab, Inc.  (signed and verified)

Product:
V3 Lite

Description:
Tray Application

Version:
1, 0, 1, 65

MD5:
1346f3cd57de33e81e948d2340fbf67a

SHA-1:
2e9ab82ed62c3caaa5b94c8f77f7b37fa9a254ae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/9/2024 11:01:29 AM UTC  (today)

File size:
571.3 KB (585,024 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C), AhnLab, Inc. 1988-2008, All rights reserved.

Original file name:
V3LTray.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ahnlab\v3lite\v3ltray.exe

Digital Signature
Signed by:
AhnLab, Inc.

Authority:
VeriSign, Inc.

Valid from:
4/27/2012 9:00:00 AM

Valid to:
6/27/2014 8:59:59 AM

Subject:
CN="AhnLab, Inc.", OU=Information System Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="AhnLab, Inc.", L=Seongnam, S=Gyeounggi, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5BE7658868EA973EDA24E7EC917198BA

File PE Metadata
Compilation timestamp:
8/13/2012 3:18:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:NX47MwyhbJcmOfEUc8FXzqRXNzCdiF1K4VZbkQmSBycTbSOZ/Y5aAhnOak2xO4Dp:NoQD8fJFq3K6JTJw5Thns0P4Hc

Entry address:
0x55369

Entry point:
E8, 56, 09, 00, 00, E9, D8, FC, FF, FF, 8B, 00, 81, 38, 63, 73, 6D, E0, 74, 03, 33, C0, C3, E9, D5, 09, 00, 00, 6A, 14, 68, 40, 76, 47, 00, E8, 3B, 08, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 89, 09, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 31, 08, 00, 00, C2, 10, 00, 6A, 0C, 68, 60, 76, 47...
 
[+]

Entropy:
6.2275

Code size:
364.5 KB (373,248 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AhnLab V3Lite Tray Process

Command:
"C:\Program Files\ahnlab\v3lite\v3ltray.exe" \logon


Scan V3LTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.