home

V3LTray.exe

V3 Lite

AhnLab, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AhnLab V3Lite Tray Process’.
Publisher:
AhnLab, Inc.  (signed and verified)

Product:
V3 Lite

Description:
Tray Application

Version:
1, 0, 1, 86

MD5:
d5d3e106dc946672457b1e1b44dfbb79

SHA-1:
ecb6d3017e8a4fa67d8c1cdebf67cac4e816f83e

SHA-256:
54ad8e6d7440c6f401eb39d3ab1d1cbd1be0d01f53675afe54e04369aeda6d96

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 6:32:22 PM UTC  (today)

File size:
591.2 KB (605,432 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C), AhnLab, Inc. 1988-2008, All rights reserved.

Original file name:
V3LTray.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ahnlab\v3lite\v3ltray.exe

Digital Signature
Signed by:
AhnLab, Inc.

Authority:
VeriSign, Inc.

Valid from:
1/31/2013 9:00:00 AM

Valid to:
2/1/2014 8:59:59 AM

Subject:
CN="AhnLab, Inc.", OU=Information System Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="AhnLab, Inc.", L=Seongnam, S=Gyeounggi, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
01314D40B7BDB8B21D0B0466BAEC8742

File PE Metadata
Compilation timestamp:
11/8/2013 9:27:15 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:YemGDCt39fqBDCOm9Qe3lubjwjsHfNy2R:/q9fgDyQQlubjwj0fl

Entry address:
0x56109

Entry point:
E8, 56, 09, 00, 00, E9, D8, FC, FF, FF, 8B, 00, 81, 38, 63, 73, 6D, E0, 74, 03, 33, C0, C3, E9, D5, 09, 00, 00, 6A, 14, 68, 88, 7B, 47, 00, E8, 3B, 08, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 89, 09, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 31, 08, 00, 00, C2, 10, 00, 6A, 0C, 68, A8, 7B, 47...
 
[+]

Entropy:
6.2135

Code size:
368 KB (376,832 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AhnLab V3Lite Tray Process

Command:
"C:\Program Files\ahnlab\v3lite\v3ltray.exe" \logon


Scan V3LTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.