home

1z0u2j.exe

Kingsoft Internet Security

Beijing Kingsoft Security software Co.,Ltd

Publisher:
Kingsoft Corporation  (signed by Beijing Kingsoft Security software Co.,Ltd)

Product:
Kingsoft Internet Security

Description:
新毒霸安装程序

Version:
2014,03,11,8992

MD5:
87e110456a41f69883fd1d5afafeeb17

SHA-1:
cea1ac77110bfb24068b15d516d5f173e06a75f3

SHA-256:
17d6c5753721836cb018cda255003d0ceb462bbca54f675b025fe24a6e06374a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 2:23:03 AM UTC  (today)

File size:
39.6 MB (41,511,312 bytes)

Product version:
9,0,154044,8992

Copyright:
Copyright (C) 1998-2014 Kingsoft Corporation

Original file name:
kpacket.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\1z0u2j.exe

Digital Signature
Signed by:
Beijing Kingsoft Security software Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
12/26/2011 7:00:00 AM

Valid to:
12/26/2014 6:59:59 AM

Subject:
CN="Beijing Kingsoft Security software Co.,Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing Kingsoft Security software Co.,Ltd", L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
07BC3A51B589E5AF43291DF84EA4C571

File PE Metadata
Compilation timestamp:
3/11/2014 8:20:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
786432:hM0kFu2RrIQ5gR0++GyLjFkBDLqQ6sh6Wu7rd3/9J19w8Kg7k1:jkkyrIQ3DmBfqsg/13/Y8Kg7O

Entry address:
0x1D5132

Entry point:
E8, 44, 40, 13, 00, E6, 54, C5, 7B, 5F, C3, 19, C9, 98, 62, B3, 49, E2, B2, 17, 00, 2A, 49, 8B, 34, EA, AE, F0, F3, 6A, 70, FD, 0A, DA, 7E, 87, 6B, C1, B8, 19, BB, 31, 8F, 02, 80, 4E, A3, 4B, 06, D6, B9, 66, FF, 25, 9B, 25, 8F, A8, 04, 78, DE, 23, 50, DE, 6F, 57, BC, A5, D4, D9, AF, E4, 49, A1, BF, D5, 8D, C7, CF, CF, B7, 1C, 64, CC, 6A, 04, 22, 3E, 64, 2D, 7A, 4B, 47, 89, 0A, 2E, 44, 54, B8, 3E, 05, E9, B1, 6A, FC, D5, 4F, E9, 91, 55, 00, 00, 91, CF, 4A, 7B, 5F, C3, B2, 5B, 5E, 10, 25, 98, 95, C4, 5A, A7...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
3 MB (3,190,784 bytes)

Scan 1z0u2j.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.