V3LTray.exe

V3Light Framework

AhnLab, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AhnLab Tray Process’.
Publisher:
AhnLab, Inc.  (signed and verified)

Product:
V3Light Framework

Description:
V3 365 Clinic Tray

Version:
2, 0, 0, 74

MD5:
6f439b646e11e3d53afa34328ff23ce1

SHA-1:
896af38ec9859dacd92a6c5254658d3280fd1b8a

SHA-256:
f8e3bded92541750ff3cb133bc5aede9ec8d7f93c9f2ae1c23612fcb8f625962

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
10/15/2018 12:13:13 PM UTC  (today)

File size:
318.7 KB (326,376 bytes)

Product version:
2, 0, 0, 1

Copyright:
Copyright (C), AhnLab, Inc. 1988-2008, All rights reserved.

Original file name:
V3LTray.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ahnlab\v3 365 clinic\v3ltray.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
10/6/2009 9:00:00 AM

Valid to:
10/7/2010 8:59:59 AM

Subject:
CN="AhnLab, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="AhnLab, Inc.", L="Yeongdeungpo-gu ", S=SEOUL, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6D1F15C8B89225B9BBFFE923241A6AC4

File PE Metadata
Compilation timestamp:
2/19/2010 3:18:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x2CD34

Entry point:
55, 8B, EC, 6A, FF, 68, 78, 13, 43, 00, 68, 72, D2, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, 2C, 06, 43, 00, 59, 83, 0D, A0, 02, 45, 00, FF, 83, 0D, A4, 02, 45, 00, FF, FF, 15, 28, 06, 43, 00, 8B, 0D, 94, 02, 45, 00, 89, 08, FF, 15, 24, 06, 43, 00, 8B, 0D, 90, 02, 45, 00, 89, 08, A1, 20, 06, 43, 00, 8B, 00, A3, 9C, 02, 45, 00, E8, BA, 04, 00, 00, 39, 1D, 58, A6, 44, 00, 75, 0C, 68, 5C, D2, 42, 00, FF, 15...
 
[+]

Entropy:
5.9524

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
188 KB (192,512 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AhnLab Tray Process

Command:
"C:\Program Files\ahnlab\v3 365 clinic\v3ltray.exe" \logon


Scan V3LTray.exe - Powered by Reason Core Security