home

V3LTray.exe

V3 Lite

AhnLab, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AhnLab V3Lite Tray Process’.
Publisher:
AhnLab, Inc.  (signed and verified)

Product:
V3 Lite

Description:
Tray Application

Version:
1, 0, 0, 25

MD5:
0667264702bdf66977d087c9414fb569

SHA-1:
cccc7c0b7c9728e94432984292ec9a3dc86aeacf

SHA-256:
1c64c096a38d13c5d53610bf4c31c6ddad20522151070e842cd1df46e4786d94

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 6:59:50 AM UTC  (today)

File size:
310.7 KB (318,136 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C), AhnLab, Inc. 1988-2008, All rights reserved.

Original file name:
V3LTray.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ahnlab\v3lite\v3ltray.exe

Digital Signature
Signed by:
AhnLab, Inc.

Authority:
VeriSign, Inc.

Valid from:
10/6/2008 9:00:00 AM

Valid to:
10/7/2009 8:59:59 AM

Subject:
CN="AhnLab, Inc.", OU=Information System Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="AhnLab, Inc.", L=Yeongdeungpo-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2FFF4CBB3684A214EBA54BDCD2CE512A

File PE Metadata
Compilation timestamp:
8/26/2009 7:36:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:jSS1I3rEJVPO0yk8TXVFtoBVXRewzup0wqnM:jf1I3rEJVPydrtoBBRbisM

Entry address:
0x2BDF8

Entry point:
55, 8B, EC, 6A, FF, 68, 90, 02, 43, 00, 68, 32, C3, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, 28, F6, 42, 00, 59, 83, 0D, B0, E1, 44, 00, FF, 83, 0D, B4, E1, 44, 00, FF, FF, 15, 24, F6, 42, 00, 8B, 0D, 6C, E1, 44, 00, 89, 08, FF, 15, 20, F6, 42, 00, 8B, 0D, 68, E1, 44, 00, 89, 08, A1, 1C, F6, 42, 00, 8B, 00, A3, AC, E1, 44, 00, E8, B6, 04, 00, 00, 39, 1D, F8, 84, 44, 00, 75, 0C, 68, 1C, C3, 42, 00, FF, 15...
 
[+]

Entropy:
5.9458

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
184 KB (188,416 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AhnLab V3Lite Tray Process

Command:
"C:\Program Files\ahnlab\v3lite\v3ltray.exe" \logon


Scan V3LTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.