home

kuaipanshellext64.dll

KuaipanShellExt

Beijing Jinshan cloud Technology Co., Ltd.

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “KLive_ContextMenuExt”.
Publisher:
Kingsoft Corp. Ltd.  (signed by Beijing Jinshan cloud Technology Co., Ltd.)

Product:
KuaipanShellExt

Description:
KuaipanShellExt Module

Version:
2,10,0,24

MD5:
31c5d7105fec88492ef91830c99bdb3a

SHA-1:
173a375aad1b98b1e6a4db32cce00f4207d85f86

SHA-256:
2fb23387b3d9168e5de6b38eb3480fa884e6d33994a0b18ffaa7a64b35f5f169

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 11:32:48 PM UTC  (a few moments ago)

File size:
810.3 KB (829,784 bytes)

Product version:
2,10,0,24

Copyright:
Copyright © 1988-2012 Kingsoft Corporation. All rights reserved.

Original file name:
kuaipanshellext.dll

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\kingsoft\klive\kuaipanshellext64.dll

Digital Signature
Signed by:
Beijing Jinshan cloud Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
4/8/2014 8:00:00 AM

Valid to:
4/9/2015 7:59:59 AM

Subject:
CN="Beijing Jinshan cloud Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing Jinshan cloud Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3303FF73234144645926E104B5269113

Registration
CLSIDs:
{0ACC30E4-6A52-4765-99F1-6240C60E8816}, {2A301372-EF60-4a54-9071-E93655AF2377}, {680CF4BD-3E40-4DC0-B91D-243DF54DE733}, {7193E1CF-2741-4F85-BF68-616FF41DBBF3}, {72F4CD64-93FD-42da-BEBC-F516496A1C44}, {7EE556A7-CACD-4a70-8C73-FCFD5BD487F9}

ProgID:
xliveshellext.privilegecom.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
10/10/2014 2:43:36 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:MAYBESm7uxjEd8rxg9dsjn77LV4FpKSPpDvvterA:MPawjU8rxgDsj7/VSpKSptGA

Entry address:
0x2FFD8

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 9F, 7B, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, 40, 53, 48, 83, EC, 30, 48, 8B, D9, B9, 0E, 00, 00, 00, E8, 2D, 7E, 00, 00, 90, 48, 8B, 43, 08, 48, 85, C0, 74, 3F, 48, 8B, 0D, EC, 6A, 03, 00, 48, 8D, 15, DD, 6A, 03, 00, 48, 89, 4C, 24, 20, 48, 85, C9, 74, 19, 48, 39, 01, 75, 0F, 48, 8B, 41, 08, 48, 89...
 
[+]

Entropy:
5.7020

Code size:
273 KB (279,552 bytes)

Context Menu Handler
Display name:
KLive_ContextMenuExt

CLSID:
{680CF4BD-3E40-4DC0-B91D-243DF54DE733}

CLSID name:
KLive_ContextMenuExt Class


Scan kuaipanshellext64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.