home

Hotkey.exe

KU0512 Hotkey

Chicony Electronics Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘aHotkey’.
Publisher:
CHICONY  (signed by Chicony Electronics Co., Ltd.)

Product:
KU0512 Hotkey

Version:
1, 0, 0, 0

MD5:
dff71ddb380b9e842c6badc6518d2249

SHA-1:
d2b6f67ef3c5faf0655cd88bd10cbd3d16cc7357

SHA-256:
d7e537fdd84092b376b62ba4c3d7f140dc7a78af84ec96d70d9da832159fef03

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 7:48:09 AM UTC  (today)

File size:
49.8 KB (51,024 bytes)

Product version:
1, 0, 0, 0

Copyright:
Copyright c 2013

Original file name:
Hotkey.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Traditional, Taiwan)

Common path:
C:\Program Files\chicony\ku0512 hotkey driver\hotkey.exe

Digital Signature
Signed by:
Chicony Electronics Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
10/3/2012 3:30:00 AM

Valid to:
10/3/2015 3:29:59 AM

Subject:
CN="Chicony Electronics Co., Ltd.", OU=Keyboard, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Chicony Electronics Co., Ltd.", L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7A329B53E3FBF61A1B815EFF620FDC85

File PE Metadata
Compilation timestamp:
10/16/2013 5:04:54 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
768:qVn/DlmqkCzi4mosNhvkP9NaVKkkUED3hAno+Hm4SMzsT2yFl4:qdDkq/zi4cv49wUkoAoNMM2gK

Entry address:
0x1836

Entry point:
E8, B4, 18, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 28, A7, 40, 00, FF, 15, 60, 60, 40, 00, 85, C0, 75, 18, 56, E8, 66, 19, 00, 00, 8B, F0, FF, 15, 5C, 60, 40, 00, 50, E8, 16, 19, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 8B, C1, 8B, 4D, 08, C7, 00, B0, 61, 40, 00, 8B, 09, 89, 48, 04, C6, 40, 08, 00, 5D, C2, 08, 00, 8B, 41, 04, 85, C0, 75, 05, B8, B8, 61, 40, 00, C3, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 57, 8B, F9, 74, 2D, 56, FF, 75, 08...
 
[+]

Entropy:
6.0469

Code size:
20 KB (20,480 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
aHotkey

Command:
C:\Program Files\chicony\ku0512 hotkey driver\hotkey.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.