» kvonline.exe
Overview
Analysis
File Details

kvonline.exe

Jiangmin Antivirus Software

Beijing Jiangmin New Sci.&Tec. Co. Ltd.

This is a setup and installation application.

File name:

kvonline.exe

Publisher:

Jiangmin Co., Ltd. (signed by Beijing Jiangmin New Sci.&Tec. Co. Ltd.)

Product:

Jiangmin Antivirus Software

Description:

Jiangmin Setup Module

Version:

13, 0, 10, 111

MD5:

fa215f69367cb803fe6241e4fbbf0856

SHA-1:

2c08027f7d55eb424f4c3e4fddbd22d8a510b938

SHA-256:

ce847a84e866050f500ad4003703bfd5539682603fd299489b962c1e08b6fd8c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 12:54:38 PM UTC (today)

File size:

2.5 MB (2,663,304 bytes)

Product version:

13, 0, 0, 900

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\kvonline.exe

Digital Signature

Signed by:

Beijing Jiangmin New Sci.&Tec. Co. Ltd.

Authority:

VeriSign, Inc.

Valid from:

5/6/2010 8:00:00 AM

Valid to:

7/12/2013 7:59:59 AM

Subject:

CN=Beijing Jiangmin New Sci.&Tec. Co. Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Beijing Jiangmin New Sci.&Tec. Co. Ltd., S=Beijing, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4EA61DB2C8405E91D286587B975183A7

File PE Metadata

Compilation timestamp:

1/26/2010 2:42:05 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

49152:O6n+14oByfeZu2mwHl4v6DPxBSMjyUi95g2cf0nwQOpsj:FBWZ/mk4s0WDB2cGB

Entry address:

0x4F762

Entry point:

E8, 83, AE, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, EC, 14, 53, FF, 75, 0C, 8D, 4D, EC, E8, 32, BF, FF, FF, 8B, 4D, 08, 81, F9, FF, 00, 00, 00, 76, 6B, 33, C0, 57, 33, DB, 66, 89, 5D, FC, 8D, 7D, FE, 66, AB, 8B, C1, C1, E8, 08, 88, 45, 08, 8B, 45, F0, 88, 4D, 09, 39, 58, 08, 5F, 75, 10, 38, 5D, F8, 74, 07, 8B, 45, F4, 83, 60, 70, FD, 33, C0, EB, 70, 6A, 01, FF, 70, 0C, FF, 70, 04, 8D, 45, FC, 50, 6A, 02, 8D, 45, 08, 50, 6A, 01, 53, E8, 17, B1, 00, 00, 83, C4, 20, 85, C0, 74, CF, 66, 39, 5D, FE, 75, 0B... 
[+]

Entropy:

7.8632 (probably packed)

Code size:

404 KB (413,696 bytes)

Scan kvonline.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.