home

install1259366.exe

Beijing Rising Information Technology Corporation Limited

This is a setup program which is used to install the application. The file has been seen being downloaded from dl.ikiki.cn.
Publisher:
Beijing Rising Information Technology Corporation Limited  (signed and verified)

MD5:

SHA-1:
3b91c460902ba51be47abcbce0a847ecd0b2fb5c

SHA-256:
21746950f485a2c12f03800b54414f6c97222dff27c33c5b10bd2052bdd64f4a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/17/2024 1:48:26 PM UTC  (today)

File size:
5.1 MB (5,387,440 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\install1259366.exe

Digital Signature
Signed by:
Beijing Rising Information Technology Corporation Limited

Authority:
VeriSign, Inc.

Valid from:
6/9/2015 8:00:00 AM

Valid to:
9/8/2018 7:59:59 AM

Subject:
CN=Beijing Rising Information Technology Corporation Limited, O=Beijing Rising Information Technology Corporation Limited, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
322A78CAB100B4B6D9A0CC66C16B802D

File PE Metadata
Compilation timestamp:
9/8/2015 4:37:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
98304:/aVrnB0vrbzzzzzkzzzzzFf9ojeZLIPpZ+ryg7HU6LPpbE43LPfuyLDT1efS2BV3:/aVjB2bzzzzzkzzzzzt9oHpW7/LPG43k

Entry address:
0x1883E

Entry point:
6A, 60, 68, 28, F6, 42, 00, E8, 42, F4, FF, FF, BF, 94, 00, 00, 00, 8B, C7, E8, 9A, F5, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, E4, E0, 42, 00, 8B, 4E, 10, 89, 0D, 9C, 8F, 53, 00, 8B, 46, 04, A3, A8, 8F, 53, 00, 8B, 56, 08, 89, 15, AC, 8F, 53, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, A0, 8F, 53, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, A0, 8F, 53, 00, C1, E0, 08, 03, C2, A3, A4, 8F, 53, 00, 33, F6, 56, 8B, 3D, 0C, E1, 42, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
7.9026

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
180 KB (184,320 bytes)

Access Provider
Name:
MartaExtension


The file install1259366.exe has been discovered within the following programs.

Adobe Reader X (10.1.5)  by Adobe Systems Incorporated
Adobe Acrobat X (version 10.0) is an applications designed to view, create, manipulate, print and manage files in Portable Document Format (PDF). Acrobat and Reader are widely used as a method of presenting information with a fixed layout similar to a paper publication.
www.adobe.com
4% remove it
Java 7 Update 13  by Oracle Corporation
This release includes important security fixes. Oracle strongly recommends that all Java SE 7 users upgrade to this release.
java.com
9% remove it
Java 7 Update 15  by Oracle Corporation
Publisher's description - “The full version string for this update release is 1.7.0_15-b03 (where "b" means "build") and the version number is 7u15. JDK 7u15 contains Olson time zone data version 2012i. For more information, refer to Timezone Data Versions in the JRE Software.”
www.oracle.com/technetwork/java/javase/7u15-relnotes-1907738.html
6% remove it
Java 7 Update 7  by Oracle Corporation
Publisher's description - “This releases brings in key security features and bug fixes. Oracle strongly recommends that all Java SE 7 users upgrade to this release. JavaFX 2.2.4 is now bundled with the JDK on Windows, Mac and Linux x86/x64.”
12% remove it
QuarkXPress  by Quark Inc.
www.quark.com
8% remove it
The Sims™ Life Stories  by Electronic Arts
The Sims Life Stories is a video game distributed through EA's Origin digital distribution and digital rights management content delivery system.
www.ea.com
5% remove it
Total Video Converter 3.71 100812  by EffectMatrix Inc.
Publisher's description - “E.M. Total Video Converter is a piece of extremely powerful and full-featured converter software that supports almost all video and audio formats.”
www.effectmatrix.com/total-video-converter
19% remove it
TVCenter  by PCTV Systems
Publisher's description - “PCTV TV Center is equipped with a powerful PVR functionality. You can watch your favorite TV stations, timeshift, schedule recordings and much more . PCTV TV products bring TV to your computer. You can easily enable your PC / Laptop with a full featured TV functionality.”
www.pctvsystems.com
23% remove it
 
Powered by Should I Remove It?

The file install1259366.exe has been seen being distributed by the following URL.

http://dl.ikiki.cn/dl/.../install1259366.exe

Scan install1259366.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.