home

KmLiveShare.dll

PIPI

浙江浩影网络有限公司

Publisher:
PIPI Tech  (signed by 浙江浩影网络有限公司)

Product:
PIPI

Description:
LiveShare Module

Version:
1.3.29.0

MD5:
12b6a85267fd8516c8eae6671d15c1f9

SHA-1:
7c66c544eb6fc0cf4486158f1d63d1170b04e40a

SHA-256:
2f505cd3a46d9d0599387b28767aa71675506ffe03e5cbdefc8bd2a7d40b5f52

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:24:28 PM UTC  (today)

File size:
630.1 KB (645,240 bytes)

Product version:
1.3.29.0

Copyright:
(C) <PIPI Tech>。保留所有权利。

Original file name:
KmLiveShare.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, China)

Digital Signature
Signed by:
浙江浩影网络有限公司

Authority:
WoSign CA Limited

Valid from:
5/15/2015 2:06:40 PM

Valid to:
12/30/2016 12:00:00 AM

Subject:
CN=浙江浩影网络有限公司, O=浙江浩影网络有限公司, L=杭州市, S=浙江省, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
46D74FA35D738D1D320CB6C8E3CF48D2

File PE Metadata
Compilation timestamp:
8/12/2015 4:57:46 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:jT7pJbXVV6SKWnl9l4OtPBvX8YLUTZ1ThB4m1AR6eUE:jXpJJpvsLZ1THJ1neUE

Entry address:
0x4FDF2

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 5C, D8, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 20, D0, 07, 10, E8, DF, 93, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 00, 49, 08, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 50, 04, 07, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.0698

Developed / compiled with:
Microsoft Visual C++

Code size:
427.5 KB (437,760 bytes)

The file KmLiveShare.dll has been seen being distributed by the following 2 URLs.

http://www.pipi.cn/.../KmLiveShare_13290.dll

http://dl.pipi.cn/.../KmLiveShare_13290.dll

Scan KmLiveShare.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.