home

keyinit.exe

Find Lock Install

JAMIcommunication

The application keyinit.exe by JAMIcommunication has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
(주)재미커뮤니케이션  (signed by JAMIcommunication)

Product:
Find Lock Install

Version:
1.0.0.0

MD5:
f3b582c69d00288b74a125a111881ce3

SHA-1:
725f064076911c676f9d3e371a9247a0ffacdf12

SHA-256:
543111c110fdac53879292e4e0230285b956d51a625510bbfff652bd3a4f5bba

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/30/2024 6:06:04 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.11.6.19

File size:
605.5 KB (619,992 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\templates\keyinit.exe

Digital Signature
Signed by:
JAMIcommunication

Authority:
Thawte, Inc.

Valid from:
11/29/2011 9:00:00 AM

Valid to:
11/29/2012 8:59:59 AM

Subject:
CN=JAMIcommunication, OU=Dev Team, O=JAMIcommunication, L=Seoul, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
560752FB0B1336D4A3AFB0DCCD1EE440

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:0EHWJPHbm3dhnApxDBWscWhJ2cOg474/kqSYvrG9kXZXVnhWkZ26M+4t1/cA3I3G:T9Ar4sX0S40vx26Ve3c9UI8fuPy6KKe

Entry address:
0x781C8

Entry point:
55, 8B, EC, 83, C4, F0, B8, 20, 7E, 47, 00, E8, 00, EB, F8, FF, A1, E8, AA, 47, 00, 8B, 00, E8, CC, BE, FD, FF, 8B, 0D, 34, A7, 47, 00, A1, E8, AA, 47, 00, 8B, 00, 8B, 15, B0, 65, 47, 00, E8, CC, BE, FD, FF, A1, E8, AA, 47, 00, 8B, 00, C6, 40, 5B, 00, A1, E8, AA, 47, 00, 8B, 00, E8, 35, BF, FD, FF, E8, E4, C6, F8, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5936

Developed / compiled with:
Microsoft Visual C++

Code size:
477 KB (488,448 bytes)

Remove keyinit.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.